For eight grueling months Brandon Wales was the acting director of the U.S. Cybersecurity Infrastructure and Security Agency, hopping from one bad cybersecurity headline to the next as digital adversaries landed blow after blow.
“I am not sure that I wish it upon others,” he told the crowd of MSPs at Right of Boom Thursday, an MSP-focused security conference in Grapevine, Texas.
Current CISA Director Jen Easterly was sworn in July 12. Wales has been executive director of the agency since.
Wales is responsible for leading long-term strategy development, managing CISA-wide policy initiatives and ensuring operational collaboration across the agency. Previously, he was the director of the Homeland Infrastructure Threat and Risk Analysis Center, or HITRAC, an all-hazards analytics resource covering the array of risks facing the infrastructure community. From 2009 to 2014, Wales oversaw the department’s advanced modeling, simulation and analysis program, leading a team of researchers conducting analysis of complex infrastructure challenges.
“One Saturday afternoon, I get a call from Kevin Mandia, who lets me know that FireEye had been compromised. I met with him and his team that following week and realized that was a pretty serious compromise and very serious situation that FireEye had dealt with,” he said. “That lasted all of another about two weeks before I got a call from Microsoft, letting me know of what then became the SolarWinds compromise. But obviously, it was much more than just SolarWinds, that was actually much more focused on trying to access Microsoft Office 365 in the cloud.”
What followed were three equally high-profile ransomware events, each of which took turns at upending daily life for millions Americans, either through panic-induced gasoline shortages with the Colonial Pipeline attack, or the threat of higher meat prices when JBS Foods was ransomed, or the sheer volume of targets hit in the Kaseya supply chain attack.
For 45 minutes Thursday Wales talked with MSPs about their market, their business and the security threats they face. He also talked about the frightening security landscape that persists for MSPs, their vendors and customers.
Host Andrew Morgan, founder of The CyberCall, asked Wales questions during the talk. What follows is an edited transcript that highlights the topics Wales covered.