Sen. Gary Peters Sounds the Alarm on CISA 2015 Renewal, Cyber Budget Cuts, and Local Defense Gaps
Season 2 Episode 34 •Show Notes
Congress is back from August recess with just weeks to act on vital national issues. One key deadline: reauthorizing the 2015 law that shields companies when they share threat intelligence with the federal government. In this episode, Senator Gary Peters (D-MI) joins host Frank Cilluffo to explain why renewing CISA 2015 is essential to national security, how one senator is holding up progress, and what listeners can do about it. The conversation also covers Peters’ push to cut red tape for cyber professionals, shore up state and local defenses, and close critical workforce gaps before it’s too late.
Main Topics Covered
- Urgent need to renew CISA 2015 liability protections
- Misinformation and confusion around CISA’s mission
- Importance of cyber grant funding for state and local governments
- Regulatory burdens facing cyber professionals and the need for harmonization
- Federal cyber workforce recruitment and retention
Key Quotes
“We only have a few weeks and [CISA 2015] will expire, and that will be catastrophic for our ability to protect against all the bad guys that are out there.” – Sen. Gary Peters
“Trust is everything. And if you don’t have [CISA 2015], we go back to the environment we had before where there was a lack of trust… once you lose trust, it’s really hard to get it back.” – Sen. Gary Peters
“Sometimes our cyber professionals spend 40, 50, 60% of their time doing paperwork and checking boxes. That makes no sense.” – Sen. Gary Peters
“You actually end up saving money by investing in this kind of protection [state and local cyber grants]. And at a time when we’re running record deficits that are going to increase, we’ve got to be thinking about being smart… and actually bringing down the cost of what would happen with a cyber attack.” – Sen. Gary Peters
“If we don’t protect our weakest links, it doesn’t matter how good you are at the top—you’re going to have some serious problems.” – Sen. Gary Peters
Relevant Links and Resources
Guest Bio
Sen. Gary Peters is Ranking Member of the Senate Homeland Security and Governmental Affairs Committee and a nationally recognized leader on cybersecurity policy. A Navy Reserve veteran and former financial executive, he has shaped major legislation on homeland security, cybersecurity, and critical infrastructure—with more bills signed into law than any other senator in a recent session. He also serves on the Appropriations, Armed Services, and Commerce Committees.
Transcript
1
00:00:00,000 –> 00:00:01,000
Sen. Gary Peters [00:00:00]: CISA is under siege in terms of the resources and the cutbacks that are there. I think it’s important for my colleagues to hear stories from people who will have those stories who are, who are listening, who know how CISA has aided in efforts and how it’s made a difference in strengthening cyber. But unless my colleagues hear those stories, they’re going to be less inclined to support it. And how state and local grant funding is cost effective. You actually end up saving money by investing in this kind of protection.
2
00:00:01,000 –> 00:00:02,000
Frank Cilluffo [00:00:31]: Welcome to Cyber Focus from the McCrary Institute, where we explore the people and ideas shaping and defending our digital world. I’m your host, Frank Cilluffo, and this week I have the absolute privilege to sit down with Senator Gary Peters. Senator Peters is known to everyone in the cyberspace and the cyber domain. He’s the ranking member of the Senate Homeland Security and Government Affairs Committee. He is a prolific legislator.
3
00:00:02,000 –> 00:00:03,000
Frank Cilluffo [00:00:55]: Go figure. You got a senator who actually legislates a whole lot. And he’s known as one of the most effective and bipartisan leaders on Capitol Hill. Previously had military experience as a Naval reservist, including being called up right after 9/11, and was a member of Congress before that, did stints in academia. He’s a Renaissance man. So, Senator Peters, thank you for joining us today.
4
00:00:03,000 –> 00:00:04,000
Sen. Gary Peters [00:01:20]: Well, thank you, Frank. It’s good to be with you. And your background is amazing, too, so it’s great, it’s a pleasure to be with you.
5
00:00:04,000 –> 00:00:05,000
Frank Cilluffo [00:01:26]: I display varying degrees of ignorance on lots of subjects, but really excited to sit down. And there is so much on the agenda and very few calendar days to get things over the goal line. So what I thought I’d do is, when you first came into, let’s go back to the House of Representatives, because you were leading on cyber issues even back then, and I might say, as a solarium commissioner, I was so happy that you passed the legislation to create the Office of the National Cyber Director, along with Angus King and Senator Rounds and others. But I thought maybe we’d start with when you came in to where we are today. So before we jump into the meat of the issue.
6
00:00:05,000 –> 00:00:06,000
Sen. Gary Peters [00:02:06]: Yeah, happy to. Well, I think it’s kind of a, curves up, and then now it’s starting to come down a little bit. So I’m sure we’ll be able to talk a little bit about that in this program. But certainly cyber was not on the top of everybody’s mind when I came in. I came in in 2009, and certainly cyber was an issue then too, but it wasn’t one that I would say captivated most of the folks in Congress. There are a lot of things, of course, that was also the financial crisis at that time. So folks were focused on that.
7
00:00:06,000 –> 00:00:07,000
Sen. Gary Peters [00:02:31]: Personally, I was really focused to make sure we have an auto industry from Detroit, happy to say that happened. And that rescue was there. But it changed later as we saw some of the big cyber attacks, the Sony attack and OPM had the big attack. And then many of my colleagues were like, okay, what’s going on here? This matters, so we better get our act together. You mentioned the commission. The Solarium Commission was there as an effort to try to make sure we’re thinking this through, bringing in experts like yourself and others to think about what we need to do. And so it started to change. Also right out of the box was CISA, the 2015, which we’re going to talk about, that’s coming to an end here, which is a concern.
8
00:00:07,000 –> 00:00:08,000
Sen. Gary Peters [00:03:15]: But that turned out to be a really big deal. I mean, it was clear that folks needed to work together. The threats were increasing. Companies needed to work with the federal government. Companies needed to work with each other. They needed to know that they had liability protections when they’re sharing information like that. No one wanted to do it, and yet everybody knew they better be talking to each other. And so that legislation was critically important.
9
00:00:08,000 –> 00:00:09,000
Sen. Gary Peters [00:03:37]: And I think it’s, since that time, it’s got a great track record. We’ve continued to do a number of cyber legislation since then. I’ve written many of those, which I’m proud to say that we did. The one that was probably most significant was the incident reporting bill, which finally, at the end of this year, we should have the rules where we’ll require critical infrastructure to report attacks and ransomware attacks. And it just became clear as I was talking to my colleagues, because some of the businesses didn’t want to want to do that, even though there’s some liability protection. And some of my colleagues were a little hesitant with that. But I reminded them that if you’re in a war, which we are in cyber, that you need to have situational awareness. You need to know where the bad guys are, you need to know what weapons they have, you need to know where you have to act, where you need to move your forces, et cetera.
10
00:00:09,000 –> 00:00:10,000
Sen. Gary Peters [00:04:29]: We didn’t have that. I mean, the hearings I had in committee on it with FBI and others were saying, maybe we know 40% of the attacks in this country, if that. That might be, that might be optimistic.
11
00:00:10,000 –> 00:00:11,000
Frank Cilluffo [00:04:40]: Imagine that in a kinetic environment.
12
00:00:11,000 –> 00:00:12,000
Sen. Gary Peters [00:04:42]: In kinetic you’re literally blown out of the water, to use a Navy term. It would be really a problem. So, so that’s why we passed the legislation. We got people together and companies were coming along too. And it’s something you could explain to the public easily too, is the fact that if, if you have a, I would use this example, if you have a burglar in your neighborhood, you know, I want my neighbors to tell me that they got burglarized. So maybe I lock my door now, make sure I do that.
13
00:00:12,000 –> 00:00:13,000
Sen. Gary Peters [00:05:08]: And maybe the police come driving through the neighborhood more because you’ve got a burglar there. So that’s basically what the incident reporting bill is. So that was significant.
14
00:00:13,000 –> 00:00:14,000
Frank Cilluffo [00:05:15]: And that gets to broader collective defense, which is precisely, it’s one team, one fight here, not to go to an army adage, but it is the case. And in this case, unlike traditional national security sets of issues, the private sector is on the front lines in this war, and none of them went into business thinking they’re defending themselves against Chinese military intelligence services. Russia, Iran, North Korea, you name the bad adversary. So we’ve got to somehow square that circle and level the playing field as much as we can.
15
00:00:14,000 –> 00:00:15,000
Sen. Gary Peters [00:05:46]: Right.
16
00:00:15,000 –> 00:00:16,000
Frank Cilluffo [00:05:46]: But we’ve got very few days left in the congressional calendar. And you touched on the CISA 2015 reauthorization. Just give a sense of urgency here because maybe I’m in the minority, but I am really worried about that. If you don’t have the liability protection, you lose the trust, which is the coin of the realm, to paraphrase Mark Twain, to building this partnership. Right?
17
00:00:16,000 –> 00:00:17,000
Sen. Gary Peters [00:06:13]: Yeah, absolutely. Trust is everything. And if you don’t have it, we go back to the environment we had before where there was a lack of trust. You know as well as anyone, once you lose trust, it’s really hard to get it back.
18
00:00:17,000 –> 00:00:18,000
Frank Cilluffo [00:06:23]: Really hard to build. Yeah, yeah.
19
00:00:18,000 –> 00:00:19,000
Sen. Gary Peters [00:06:24]: So, you know, it’s like you got to keep the momentum going forward. And so the urgency is there. We only have a few weeks and it will expire and that will be catastrophic for our ability to protect against all the bad guys that are out there. The politics of it is boiling down to kind of one individual, to be honest with you. I fully support it. I have legislation to have a 10 year reauthorization. I’m willing to do a shorter one if folks want a shorter one to work on other issues. And certainly we need to do that.
20
00:00:19,000 –> 00:00:20,000
Sen. Gary Peters [00:06:54]: But in the meantime, we can’t let the whole bill expire during that time, we’re working on it. We have bipartisan support from our House, my House counterparts are there, but the current chair, I’m ranking member now. I was chair of Homeland. Now Rand Paul from Kentucky is the chair, and he’s had opposition to this legislation. He continues to have it. We’re working to try to bring together, hopefully later this month we’re going to have a, a markup or a hearing on that bill. So I’ve got a commitment from the chairman to work on it. But his issue is basically that he’s not happy with CISA. Not the CISA, there’s a confusion.
21
00:00:20,000 –> 00:00:21,000
Frank Cilluffo [00:07:33]: Not the agency.
22
00:00:21,000 –> 00:00:22,000
Sen. Gary Peters [00:07:34]: Not the agency.
23
00:00:22,000 –> 00:00:23,000
Frank Cilluffo [00:07:35]: With the agency.
24
00:00:23,000 –> 00:00:24,000
Sen. Gary Peters [00:07:36]: It’s with the agency, but it’s not the agency. So it’s not the reauthorization of the agency. And unfortunately, the agency has got some real opponents in the Congress right now. Folks think that the agency during the pandemic was, was involved in misinformation and talking about wearing mask and the need for vaccines, and they have problems with that. But it was a very small part of CISA, as you know. I think there were about 15 individuals out of 3,000 that were engaged, and we could debate whether or not they were actually doing that. Even if I say, okay, if that happened, it was only 15, and those 15 people are gone now.
25
00:00:24,000 –> 00:00:25,000
Sen. Gary Peters [00:08:14]: And I asked actually, Secretary Noem, because she said CISA needs to get back to its core mission. And I asked her, I said, well, those folks are gone. Is CISA back at its core mission? And she said, yes, it is. So if it is, I’m continuing to work with my colleague, Chairman Paul, that it’s not a picture of CISA, but this bill is different, too. You can’t conflate the two together.
26
00:00:25,000 –> 00:00:26,000
Frank Cilluffo [00:08:37]: And I think they are being conflated. And I think you ask very pointed questions of Sean Cairncross during his nomination hearing, Sean Planky. Both were strong advocates for the reauthorization. Am I correct on that?
27
00:00:26,000 –> 00:00:27,000
Sen. Gary Peters [00:08:50]: Yeah, they did. Planky, I commended him for that during the hearing that he’s there and I’m sitting right next to Chairman Paul. I did a little elbow. Hey, Rand, hear that? But I think if I could use this moment to express the sense of urgency, it is there. So, folks who are listening to this podcast, if you care about it, which you should, everybody should, make sure that that is getting to the chairman’s office.
28
00:00:27,000 –> 00:00:28,000
Frank Cilluffo [00:09:17]: Especially if you live in Kentucky. Right?
29
00:00:28,000 –> 00:00:29,000
Sen. Gary Peters [00:09:18]: Especially if you live in Kentucky or you know somebody who lives there that also shares this, please reach out to them and let them know, it’s really important to weigh in because the chair has a lot of influence in the Senate, as you know, and one senator can block things. I know when I first came into the Senate, I came in from the House and folks said, you’re going to love the Senate because, you know, one senator has a lot of power. I go, that’s great. They go, but you’re also going to hate the Senate. I go, why is that? One senator has a lot of power.
30
00:00:29,000 –> 00:00:30,000
Frank Cilluffo [00:09:45]: Well said. Well said.
31
00:00:30,000 –> 00:00:31,000
Sen. Gary Peters [00:09:46]: So we’re in that position right now.
32
00:00:31,000 –> 00:00:32,000
Frank Cilluffo [00:09:48]: You know, and I’d be remiss if I didn’t thank you for your service over all these years. And I think you publicly announced you’re not seeking reelection. That is a big loss for the cyber community. I mean, you rightfully pointed to the important bits and bills you supported. But from a legacy standpoint, we need leaders who understand these issues. And I worry. It’s not to put more on your shoulders, but Angus King is, Senator Rounds, these are, there’s, there’s still some prominent senators, but, but I do worry about that.
33
00:00:32,000 –> 00:00:33,000
Frank Cilluffo [00:10:26]: Am I fault, is that, disprove me of that.
34
00:00:33,000 –> 00:00:34,000
Sen. Gary Peters [00:10:30]: Well, you mentioned two great individuals who I work with. I work with Senator Rounds.
35
00:00:34,000 –> 00:00:35,000
Frank Cilluffo [00:10:33]: And Lankford.
36
00:00:35,000 –> 00:00:36,000
Sen. Gary Peters [00:10:34]: And Senator Lankford, all our partners of mine. So they’ll continue to be there. I think it’s just a matter of getting other champions. And that’s another thing. For the listeners here, to be engaged politically is critically important. And when you think about our job, we get pulled a thousand different ways constantly. So it’s not like people don’t care.
37
00:00:36,000 –> 00:00:37,000
Sen. Gary Peters [00:10:55]: You’re just pulled a lot of different ways. And so if someone’s not reaching out and saying, this is really important, let me make this case, then it’s, it won’t be taken up just because of the demands of the agenda that we have before us. As we are here. I’m running in here, and I’m going to run out as quickly as I ran in because our days are pretty full. So if folks listening here are not actively engaged in policy, it could come back to haunt everybody.
38
00:00:37,000 –> 00:00:38,000
Frank Cilluffo [00:11:21]: We will ring that bell as loud as we can. And I forgot who said it, but 1% inspiration, 99% perspiration and persistence. And we just need to be persistent to get this over the goal line. Unfortunately, we often pay most attention after it’s too late, after something really bad happens. We have not only an opportunity, we got it right 10 years ago. We got to get it right for the next 10 years.
39
00:00:38,000 –> 00:00:39,000
Sen. Gary Peters [00:11:47]: Exactly. We got a good track record. Let’s not mess it up.
40
00:00:39,000 –> 00:00:40,000
Frank Cilluffo [00:11:49]: Let’s not mess it up. Let’s go to CISA, the agency, and some of your thoughts around that, what the future looks like, what the focus should be on. And I think we’re starting to see conceptually an intent at least that more of the onus is going to be put on the front line. State, local, tribal, territorial, private sector, all of which is good, but they need the resources to get the job done, don’t they?
41
00:00:40,000 –> 00:00:41,000
Sen. Gary Peters [00:12:18]: Right. Oh, absolutely. And so, you know, let’s look at each of those that you mentioned. First, the agency, CISA. I’m very worried. I mean, you’re seeing massive cutbacks. The budget is a 20 plus percent reduction has been proposed. Already about 30% of the employees have been let go.
42
00:00:41,000 –> 00:00:42,000
Sen. Gary Peters [00:12:36]: This is a, this is an agency that I think was probably understaffed. When you consider the breadth of their responsibilities and the fact that cyber threats aren’t going away, they’re getting bigger and more sophisticated. And to your point, with state and local, it’s always the weakest link in the chain that you have to worry about. And CISA’s key role of working with small and medium businesses in particular, especially getting out threat information to them. If you’re a bigger company, you can afford a lot of that. If you’re smaller, not so much. So having an agency like CISA actively engaged as a helping hand, not a regulatory agency, it’s a helping hand to do that. And if we don’t protect our weakest links, it doesn’t matter how good you are at the top, you’re going to have some serious problems because you got to protect all parts of that chain there.
43
00:00:42,000 –> 00:00:43,000
Sen. Gary Peters [00:13:24]: And so that’s where the state and local grants are so important too. And the work that we’ve done. You talked about the track record, over $500 million, over 800 projects all across state and local to strengthen their defenses. Because they’re also usually the weakest link. They’re small, they can’t hire sophisticated cyber professionals to help them. They need assistance to go forward. And those resources, I would argue that spending that money is so much more cost effective than trying to pick up pieces from cyber attacks.
44
00:00:43,000 –> 00:00:44,000
Frank Cilluffo [00:13:57]: Exactly, exactly. And it’s essential, again, conceptually, one way or another, people can debate, but if more is expected, they just need the resources. And I’m somewhat reminded of the old homeland security discussion. So I worked for President Bush and was part of the standup of DHS at the time. And we were, first responders, preventers, they’re first on the scene and they’re the last to leave. But I still feel like they’re an afterthought in all of this. So I do hope that we redouble that, redouble down on those efforts.
45
00:00:44,000 –> 00:00:45,000
Sen. Gary Peters [00:14:29]: And so that goes back to my pitch for advocacy and why the listeners, the viewers of this podcast, understand that CISA is under siege in terms of the resources and the cutbacks that are there. I think it’s important for my colleagues to hear stories from people who will have those stories, who are listening, who know how CISA has aided in efforts and how it’s made a difference in strengthening cyber. But unless my colleagues hear those stories, they’re going to be less inclined to support it. And they may be wrapped up in some of the misinformation that’s there about CISA’s office, its mission, it’s not doing work, it’s out stifling First Amendment rights. None of us want to stifle First Amendment rights. They don’t do that.
46
00:00:45,000 –> 00:00:46,000
Sen. Gary Peters [00:15:10]: I’d be the first to get up to do that. But people, my colleagues need to hear from folks who are on this podcast as to the difference that CISA has made and how state and local grant funding is cost effective. You actually end up saving money by investing in this kind of protection. And at a time when we’re running record deficits that are going to increase, we’ve got to be thinking about being smart. And sometimes that means spending money to be smart and actually bringing down the cost of what would happen with a cyber attack.
47
00:00:46,000 –> 00:00:47,000
Frank Cilluffo [00:15:43]: And there’s an old adage, policy without resources is rhetoric. Right? So, and you also serve on the Appropriations Committee, so I can imagine.
48
00:00:47,000 –> 00:00:48,000
Sen. Gary Peters [00:15:51]: I just came from the Appropriations Committee, so.
49
00:00:48,000 –> 00:00:49,000
Frank Cilluffo [00:15:53]: Great. Hopefully you fought for cyber funding.
50
00:00:49,000 –> 00:00:50,000
Sen. Gary Peters [00:15:57]: We’re always fighting and hopefully we’ll get that. You know, we’ve been able to fund those grants in the past. Hopefully we’ll be able to do it going forward.
51
00:00:50,000 –> 00:00:51,000
Frank Cilluffo [00:16:03]: Awesome. One other bill that you reintroduced in this Congress that I think has overwhelming support and is essential is to harmonize our regulations. And honestly, for a small, and you rightfully, I think, touched on small, medium sized businesses. They’re the, I don’t want to say the weakest link because they actually are the reason our economy is as strong as it is. But when it comes to cyber, they just don’t have the resources.
52
00:00:51,000 –> 00:00:52,000
Sen. Gary Peters [00:16:31]: They’re, they’re the weakest link, but they’re the strongest link when it comes to our economy.
53
00:00:52,000 –> 00:00:53,000
Frank Cilluffo [00:16:34]: Strongest driving the economy. Exactly. So how, so firstly, can you give us a quick snapshot of the legislation, the fact that it was reintroduced, and what can our listeners, viewers and others do to help get that over the goal line?
54
00:00:53,000 –> 00:00:54,000
Sen. Gary Peters [00:16:50]: Well, harmonization is to try to streamline the oversight the federal government has. So we have a number of agencies that have all sorts of regulations. Your listeners here have dealt with those on a ongoing basis. What I hear from folks, sometimes our Cyber professionals spend 40, 50, 60% of their time doing paperwork and checking boxes. And that makes no sense to me. It doesn’t make any sense to anyone. When you talk about that at a time when we’re talking about cutbacks in funding for cyber protection and now you’re also asking people to fill out a lot of forms, that makes no sense. So the harmonization is like, how do we streamline it? How do we not have people report to 12 different agencies.
55
00:00:54,000 –> 00:00:55,000
Sen. Gary Peters [00:17:31]: Report to one, two, whatever, whatever we can get to that number.
56
00:00:55,000 –> 00:00:56,000
Frank Cilluffo [00:17:35]: And you stipulated Office of the National Cyber Director is the right belly button for that, which I’m biased. I think that is the right answer.
57
00:00:56,000 –> 00:00:57,000
Sen. Gary Peters [00:17:43]: Yeah, you had something to do with that.
58
00:00:57,000 –> 00:00:58,000
Frank Cilluffo [00:17:45]: But what are your thoughts there?
59
00:00:58,000 –> 00:00:59,000
Sen. Gary Peters [00:17:46]: Well, it’s only natural. And that’s why we put them in that place after the Solarium Commission obviously put that in place. It’s their report, too, that came out, which is what we asked, what we asked them to do. Come back to Congress with your recommendations as to what you see out there that needs to be fixed. And this is, it’s a part of it. And this is as common sense as you get. I’ve spent a lot of time thinking about how we streamline…
60
00:00:59,000 –> 00:01:00,000
Frank Cilluffo [00:18:06]: Which isn’t always common, is it?
61
00:01:00,000 –> 00:01:01,000
Sen. Gary Peters [00:18:07]: Well, it’s not unfortunately. No, common sense is sometimes really tough, but there’s just the bureaucracies of federal government. I’ll just give you a brief example of another bill that I have which is also within Homeland Security, and that’s FEMA disaster assistance. So someone has their house destroyed in some sort of natural disaster, you look for help. And there are a number of programs that can help people, but you have to fill out an application for all of those programs. And who wants to fill out applications to six different federal agencies when your house has been destroyed underwater.
62
00:01:01,000 –> 00:01:02,000
Frank Cilluffo [00:18:37]: Underwater.
63
00:01:02,000 –> 00:01:03,000
Sen. Gary Peters [00:18:38]: And your family is in shelter? So I’ve proposed radical legislation that says maybe they should just fill out one form and it goes to all of the agencies.
64
00:01:03,000 –> 00:01:04,000
Frank Cilluffo [00:18:47]: Boom.
65
00:01:04,000 –> 00:01:05,000
Sen. Gary Peters [00:18:48]: Same concept for harmonization. How do we get rid of all of the different agencies? All of them are important.
66
00:01:05,000 –> 00:01:06,000
Frank Cilluffo [00:18:53]: Well intended, but it’s like a patchwork. It’s Like a bottom up approach.
67
00:01:06,000 –> 00:01:07,000
Sen. Gary Peters [00:18:58]: They all may play a role, but they don’t have to play the role together in one place and have 12 different people, or agencies rather, impacting a company that has to spend 40, 50, 60% of their time checking boxes.
68
00:01:07,000 –> 00:01:08,000
Frank Cilluffo [00:19:11]: Very well said. And for transparency, we, in addition to the Chamber of Commerce, are leading an effort to try to advance that thinking. So hopefully, hopefully it’ll help move the needle a little bit.
69
00:01:08,000 –> 00:01:09,000
Sen. Gary Peters [00:19:23]: It definitely will.
70
00:01:09,000 –> 00:01:10,000
Frank Cilluffo [00:19:25]: One more issue, because I know the tyranny of time. You’ve got votes coming up, but cyber workforce. It tends to be the, I mean firstly, in austere time, training and education always seems to be on the short list of getting the short end of the stick. So I’d be curious. We know the numbers, we know they’re vast. We as a country are the most innovative, but we can’t take that for granted. How do we start filling the gap there or at least leveling it a little bit?
71
00:01:10,000 –> 00:01:11,000
Sen. Gary Peters [00:20:00]: Yes, the gap is apparent both in the private sector and in government, federal government. We’re actually at a disadvantage when I think about the federal government because these are jobs in high demand. They command high wages, as they should. These are highly skilled individuals. But let’s be frank, the pay scales of the federal bureaucracy are not going to match what you can get as a cyber professional in the, in the private sector.
72
00:01:11,000 –> 00:01:12,000
Frank Cilluffo [00:20:25]: But making a difference matters. Doesn’t it?
73
00:01:12,000 –> 00:01:13,000
Sen. Gary Peters [00:20:27]: But making a difference does. So, so we’re trying to deal with this issue, you know, a couple ways. I mean, we know, for example, with the Department of Defense, they’re short probably around 28,000 people.
74
00:01:13,000 –> 00:01:14,000
Frank Cilluffo [00:20:36]: And that’s DOD.
75
00:01:14,000 –> 00:01:15,000
Sen. Gary Peters [00:20:38]: That’s DOD, that’s just Department of Defense. And then we have the other agencies. And so when you’re talking about being short people, that’s clearly a national security issue and it has to be addressed. So I put in language in the National Defense Authorization to put together a strategy, a workforce strategy. And part of that is just identifying where are the gaps.
76
00:01:15,000 –> 00:01:16,000
Sen. Gary Peters [00:20:55]: It’s hard to get all that information, but you can’t solve a problem unless you know where the problem actually is. And then where do we need to fill that to bring that in? We’ve been able to change some of the pay structures. So if you qualify as, with a number of criteria, as a specialist, you can get more than you would get under the GS level. That wasn’t easy to do. You got unions and pay scales, but it’s critical. But even with that, they’re still going to get paid more in the private sector. So we also want to create a sense of mission. One thing, as someone who served in federal government yourself, you know, it’s a part of being a mission.
77
00:01:16,000 –> 00:01:17,000
Sen. Gary Peters [00:21:31]: People are drawn to that. They don’t have to make all the top money. So how do we recruit people for that and make it a real enriching experience? One of the pieces of legislation that I wrote, authored, and passed into law, for example, is our cyber rotation bill. And what it does is it allows someone as an agency who’s a cyber professional, they can go to another agency and spend some time as a cyber professional in another agency.
78
00:01:17,000 –> 00:01:18,000
Frank Cilluffo [00:21:56]: Sort of like a Goldwater Nichols, but not at that scale. It could go a long way, right? I mean, just walking in someone else’s shoes, you understand their pain points, how to provide Advil and hopefully, or Tylenol or whatever.
79
00:01:18,000 –> 00:01:19,000
Sen. Gary Peters [00:22:09]: Exactly.
80
00:01:19,000 –> 00:01:20,000
Frank Cilluffo [00:22:10]: And hopefully make things better. And I would add to that private sector. We need to figure out how to get them where maybe they don’t do it for life, but the US Government, I think, has to recognize you’re not going to be there for 50 years, but get the best out of the women and men who are there while they’re there.
81
00:01:20,000 –> 00:01:21,000
Sen. Gary Peters [00:22:30]: Right.
82
00:01:21,000 –> 00:01:22,000
Frank Cilluffo [00:22:31]: With the cutting edge skills. Let me ask a little off script here, but not that we have one.
83
00:01:22,000 –> 00:01:23,000
Sen. Gary Peters [00:22:37]: Where’s the script? I want it.
84
00:01:23,000 –> 00:01:24,000
Frank Cilluffo [00:22:41]: What do you think of the dual hat issue at NSA and Cyber Command? Have you taken a position since you also served in armed services?
85
00:01:24,000 –> 00:01:25,000
Sen. Gary Peters [00:22:49]: Yeah, you know, I’m still weighing all of that. Take a look at that. I’ve got these other ones here that I think are front burner for me right now.
86
00:01:25,000 –> 00:01:26,000
Frank Cilluffo [00:22:55]: Awesome. Awesome. And I might note though, that the deficit at DoD from a workforce, we take for granted that they’re always going to be there, but A, the cavalry may not be there, and B, they don’t have the bodies right now.
87
00:01:26,000 –> 00:01:27,000
Sen. Gary Peters [00:23:09]: They just don’t. Yeah, they just don’t.
88
00:01:27,000 –> 00:01:28,000
Frank Cilluffo [00:23:10]: And were fishing from the same ponds. Got to think about this differently.
89
00:01:28,000 –> 00:01:29,000
Sen. Gary Peters [00:23:14]: You know, I just say, you know, I mentioned that to Mr. Plankey, who has been nominated to be the CISA director, is that with these cutbacks, how do you, how can you possibly perform when these bans can increase? And I actually made the point. He has a, he has a history with the Coast Guard. There is no Coast Guard auxiliary or reserve for cyber. So if, you know, if you, if you’re in trouble, you got to rely on the people you have there. And you can work them harder, you can make them work hours, but there’s a limit to that.
90
00:01:29,000 –> 00:01:30,000
Sen. Gary Peters [00:23:43]: You got to have personnel. You cannot survive these cutbacks. And there’s no reserve being called up for 180 days to come in to help.
91
00:01:30,000 –> 00:01:31,000
Frank Cilluffo [00:23:51]: By the way, as a reservist, looking at auxiliary, there’s there there, and I know there’s a lot of attention looking at the role of the National Guard. Sometimes they’re dual hatted, sometimes they are first responders, sometimes they work at a telecommunications company or any critical infrastructure owner. I hope that there’s some energy behind all of that because it does take people and it’s, I mean, firstly, this isn’t a red issue, a blue issue, not to be trite, but it’s red, white and blue. This is as right down the fairway as any issue could be. Senator Peters, given time constraints, what questions didn’t I ask that I should have?
92
00:01:31,000 –> 00:01:32,000
Sen. Gary Peters [00:24:31]: I think we covered a lot and hopefully you’ll just invite me back and we can talk more.
93
00:01:32,000 –> 00:01:33,000
Frank Cilluffo [00:24:34]: You are always invited. Most importantly, thank you for all you’ve done for this community. Keep fighting. We still have you for a while. There’s a lot to get through.
94
00:01:33,000 –> 00:01:34,000
Sen. Gary Peters [00:24:44]: A year and a half.
95
00:01:34,000 –> 00:01:35,000
Frank Cilluffo [00:24:45]: And even when you leave, you’re going to be the dean and advisor on all these issues. So thank you.
96
00:01:35,000 –> 00:01:36,000
Sen. Gary Peters [00:24:52]: Thank you for having me.
97
00:01:36,000 –> 00:01:37,000
Frank Cilluffo [00:24:53]: Thank you for joining us for this episode of Cyber Focus. If you liked what you heard, please consider subscribing. Your ratings and reviews help us reach more listeners. Drop us a line if you have any ideas in terms of topics, themes or individuals you’d like for us to host. Until next time, stay safe, stay informed and stay curious.