Coker and Easterly applaud recommendations around cyber-physical resilience laid out in a new report from the President’s Council of Advisors on Science and Technology.

WASHINGTON, DC – NOVEMBER 02: Harry Coker Jr., President Joe Biden’s nominee to be the next National Cyber Director, testifies during his confirmation hearing before the Senate Homeland Security and Governmental Affairs Committee at the Dirksen Senate Office Building on November 02, 2023 in Washington, DC. If confirmed Coker would serve as the second National Cyber Director, replacing inaugural Director Chris Inglis who resigned in 2023. (Photo by Kevin Dietsch/Getty Images)

A presidential advisory report on improving the resilience of critical infrastructure sectors won the approval of the nation’s top cybersecurity experts Wednesday, particularly around better funding for the agencies that are supposed to help them protect against cyberattacks.

The report from the President’s Council of Advisors on Science and Technology, which laid out multiple recommendations for the White House to consider, was first approved in January and made public in February. While the report has four overarching recommendations, a large portion is dedicated to gaining a better understanding and prioritizing the increased complexity and interdependencies of critical infrastructure organizations.

At an event panel on the report  Harry Coker, the national cyber director, and Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency, both lauded the report, pointing out in particular the recommendation to give additional funds to the agencies in charge of sectors, known as the sector risk management agencies.

Coker said that President Joe Biden’s fiscal year 2025 budget proposal showed that it was a “priority.” 


“I think we can all agree there are certain sector risk management agencies in certain sectors that have invested more significantly in security and resilience,” Easterly said. “And frankly, it’s why we prioritized over the last year and a half working with SRMAs like [the Department of Health and Human Services, the Environmental Protection Agency and the Department of Education]. So we can work with those sectors to provide free services and capabilities.”

Easterly also provided minor updates to multiple initiatives that the agency is pursuing, including that its list of systemically important critical infrastructure entities has grown to just under 500. 

However, Easterly also said that there is more work to be done on that front, as UnitedHealth Group was considered a systemically important entity but Change Healthcare was not. HHS is currently monitoring the situation with Change Healthcare after a ransomware attack on the UnitedHealth subsidiary disrupted health care services across the country.

Easterly also said that CISA plans to publish a set of sector-specific cybersecurity performance goals for the finance, information technology, and energy sectors in the coming months.

Christian Vasquez

Written by Christian Vasquez

Christian covers industrial cybersecurity for CyberScoop News. He previously wrote for E&E News at POLITICO covering cybersecurity in the energy sector. Reach out:  christian.vasquez at cyberscoop dot com

Latest Podcasts