Exclusive interview with MSSP Alert: US Congressman Frank Mrvan, co-sponsor of the Strengthening VA Cybersecurity Act (SVAC) – MSSP Alert

Upon taking office in 2020, Congressman Frank Mrvana Democrat representing Indiana’s first congressional district, jumped straight into the cybersecurity fray — with a particular focus on cyber defense for American veterans.

Rep. American Frank Mrvan, D-Indiana.

First-year members of Congress quickly rose to the position of Chair of the Technology Modernization Subcommittee on the House Veterans Affairs Committee. The Technology Modernization Subcommittee has jurisdiction to oversee and investigate major IT projects and technology modernization programs of the Department of Veterans Affairs, such as the Electronic Health Records Modernization Project ( DSE) and the Financial Management Business Transformation Program (FMBT). The subcommittee also oversees cybersecurity, data privacy, and technology management and innovation as it relates to the Veterans Administration (VA).

In support of cybersecurity on behalf of U.S. veterans, Mrvan, along with U.S. Representative Nancy Mace (R-South Carolina) and Representative Susie Lee (D-Nevada), and U.S. Representative Andrew Garbarino (R-New York) , have co-sponsored the Strengthening VA Cybersecurity Act of 2022 (SVAC). The purpose of this bipartisan legislation is to strengthen the VA’s cybersecurity and protect its IT systems and devices.

A closer look at the VA Cyber ​​Security Enhancement Act (SVAC)

Specifically, the SVAC Act requires the VA to obtain an independent cybersecurity assessment of its most critical information systems, as well as its cybersecurity posture as a whole. Legislation requires the VA to develop a timetable and budget to correct the weaknesses and deficiencies identified by the report. US Senators Jacky Rosen (D-Nevada) and Marsha Blackburn (R-Tennessee) introduced a complementary measure in the Senate.

In addition, the SVAC law of 2022 will:

  • Protect against advanced cybersecurity threats, ransomware, denial of service attacks, insider threats, threats from foreign actors, phishing, credential theft, and other cyber threats
  • Ensure all Department of Veterans Affairs IT is covered, including onsite, remote, cloud-based, and mobile information systems and devices used by or in support of Veterans Affairs business. ‘AV
  • Require the Secretary of Veterans Affairs to submit a detailed report and implementation plan to Congress within 120 days of the independent assessment
  • Require the General Accounting Office (GAO) to review the VA plan and assess whether cost estimates and timelines are realistic

Discussing the SVAC Act, U.S. and global cybersecurity protections, and his general concern for cybersecurity, Congressman Mrvan, from his home office in Merrillville, Indiana, gave an exclusive interview to the editor. head of MSSP Alert, Jim Masters.

Full disclosure: Mrvan represents the congressional district encompassing the area of ​​northwest Indiana where Masters resides.

MSSP Alert Interview: Congressman Mrvan Discusses Interest in Cybersecurity and Legislative Efforts

Where does your interest in cybersecurity come from? What fascinates you in this area and keeps you up at night?

It all started as a member of the VA committee, and cybersecurity has always been one of my interests. I remember (when I was previously the administrator of the North Township in northwest Indiana) we brought in people from the Justice Department and the FBI to talk to our seniors about cybersecurity and the important to make sure you change your password and take care of your (electronic) records.

Cybersecurity keeps me up at night and fascinates me because it is one of the ever-evolving, cutting-edge technologies that safeguard our national security and our veterans’ records. When we summarize my role as chair of the technology modernization subcommittee for the AV, what puts me on high alert is the conflict between Russia and Ukraine, the other nations that are attacked, as well as the bad actors who are doing the attack. We have to be very focused on protecting and making sure we have the investments in cybersecurity, and also making sure we protect our veterans’ records.

What is the history of the VA Cybersecurity Law Enforcement (SVAC) legislation that you co-sponsored?

I introduced the Strengthening VA Cybersecurity Act to require the VA to acquire cybersecurity assessments from an independent federally funded entity. The purpose of this bipartisan legislation is to strengthen cybersecurity at the Department of Veterans Affairs and to protect the information and technology systems and devices used at the VA. Unfortunately, in 2020 there was a breach involving veterans recordsso something had to be done to make sure there was an assessment and an investment…that we’re at the forefront of cybersecurity and protecting their information.

This legislation will move us in the right direction and give the VA the tools it needs to effectively protect against new and emerging cybersecurity threats and protect the personal information of our veterans. The bill passed the House and is moving forward in the Senate.

In addition to SVAC legislation, how are you using the influence of the committee to improve cybersecurity protections for the VA as well as the nation’s broader cyber defense?

It’s important to remember that the VA is the largest integrated healthcare network in the United States. It’s a great company that provides care and benefits to millions of veterans. Thus, our veterans’ personal information can be attractive targets for foreign adversaries and cybercriminals, making it essential for the VA to commit to long overdue system upgrades and take proactive steps to mitigate. cyber threats. The VA stores, transfers and processes massive amounts of data and sensitive information. However, the VA spends less on cybersecurity than most other (federal) agencies, leaving veterans’ sensitive information vulnerable to cybercrime.

This bill specifically allows us to ensure that we create the firewalls and that we put the systems in place to be able to protect our veterans. This is a long overdue investment to protect veterans’ benefits. In the end, it’s a game of cat and mouse. There is a constant hunt between bad actors trying to breach systems and to be able to protect those systems. So once you have one level of protection, they determine the next level. Next, you need to create the next level of protection. I must continue to ensure that I leverage the presidency of this position within the VA, and for the nation, to have my finger on the pulse of cybersecurity around the world.

How can public-private partnerships better serve US cybersecurity, such as working with Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs).

Neither government nor the private sector alone has the knowledge, authority, or resources to ensure the security and resilience of the country’s cybersecurity infrastructure. Therefore, I think public-private partnerships are important for sharing information to enhance security. The Cybersecurity Infrastructure Security Agency (CISA) provides best practice recommendations for these public and private partnerships. I think it’s extremely important for the federal government to develop those relationships.

With cybersecurity being a global issue, how effective is the United States in dealing with this ongoing and seemingly growing threat to national defense and that of our allies?

Cyberattacks are tools of war, and we must be able to protect ourselves against them. It’s a never-ending mission to make sure we’re the next level of protection for everything we can in our country, from the grid system, to our water system, to VA benefits, and to our health records. . Given Russia’s recent aggression and invasion of Ukraine, it is even more important than ever to ensure that we bolster America’s critical cybersecurity infrastructure. This is why I supported the Law of Ukraine on additional credits, which provided critical resources to the cybersecurity capabilities of our allies. I will continue to support measures that serve and strengthen cybersecurity infrastructure at home and for allies abroad.

What are America’s greatest cyber defense needs? Talent/training, new products, partnership programs, legislation?

Since taking office, the administration (Biden) has actively sought to assess the challenges in dealing with cybersecurity threats. I support the efforts of the administration and Department of Homeland Security Secretary Alejandro Myorkas to strengthen protections for civilian government networks and improve the resilience and security of our supply chains. I will continue to closely monitor the administration’s actions and seek opportunities, such as SVAC legislation, to strengthen cybersecurity to protect our veterans and active duty military personnel, as well as all Americans.

It is good to know that our universities are strong when it comes to cybersecurity education. When you sit down with students, they talk about cybersecurity, being involved in that type of field or profession. I think it is vitally important that our community colleges and universities provide the resources and educational elements necessary to prepare the next generation for careers in cybersecurity.

In terms of cybersecurity, what do you consider to be your greatest accomplishment as a member of Congress?

I would say the biggest achievement is the introduction of HR 4951, the VA Electronic Health Records Transparency Act. It requires the VA to provide Congress with quarterly reports that assess comprehensive cost performance measures and results for the Electronic Health Records Modernization Program (EHRM). As Chair of the Technology Modernization Sub-Committee, I am responsible for ensuring that the program meets the needs of our veterans. Our veterans deserve the best care and service available. The American taxpayer deserves to know that Congress is providing careful oversight of the EHRM program and its costs. I want to emphasize that when it comes to electronic medical records, we want to make sure that patient safety is a major issue, that we are on budget and on target.

#Exclusive #interview #MSSP #Alert #Congressman #Frank #Mrvan #cosponsor #Strengthening #Cybersecurity #Act #SVAC #MSSP #Alert

Related Articles

Back to top button