“Critical Calls for the White House: Swift Nomination of National Cyber Director Needed”

Push for Nomination of National Cyber Director

The Urgency in Filling the Role

In a letter addressed to the White House Chief of Staff, the Cybersecurity Coalition has emphasized the need for the Biden administration to promptly nominate a new National Cyber Director (NCD) before the end of July. This urgent call for action stems from concerns surrounding the ever-changing and increasingly complex cyber landscape that requires dedicated leadership. The letter underlines that the nomination of this position presents a critical opportunity for the administration to solidify the significance of the Office of the National Cyber Director (ONCD) and its vital role in safeguarding national security interests in cyberspace.

The signatories caution against delaying the nomination, emphasizing the potential consequences such delays could have on the progress made under former Director Chris Inglis and the implementation of the National Cyber Strategy. Without a confirmed National Cyber Director, the effectiveness of the ONCD could be jeopardized, resulting in gaps in the nation’s cybersecurity posture. The signatories of the letter include esteemed organizations such as the software alliance BSA, the Information Technology Industry Council, the Center for Cybersecurity Policy and Law, and the Better Identity Coalition.

Clarity in Cybersecurity Entity Roles

Additionally, the letter encourages the implementation of an executive order (EO) that clarifies the roles and responsibilities of key cybersecurity entities, including the ONCD, NSC, CISA, OMB, NIST, and other relevant organizations. The observed potential for overlap between these entities necessitates clear delineation in order to prevent confusion and establish a consistent and well-defined approach to cybersecurity.

The signatories highlight that addressing these issues through an executive order is essential not only to ensure efficient functioning but also to publicly establish the administration’s commitment to cybersecurity. A comprehensive whole-of-government cybersecurity approach can shape the lasting impact of the Biden Administration’s cybersecurity policy.

The Administration’s Efforts in Enhancing Cybersecurity

The urgency expressed in the letter aligns with ongoing efforts by the Biden administration to strengthen the nation’s cybersecurity posture. President Biden’s Executive Order 14028 in May 2021 mandated new security requirements for critical infrastructure organizations, aiming to bolster their resilience against cyber threats. Furthermore, the administration issued the National Security Memorandum 5, a directive specifically targeting critical infrastructure control systems.

Additional measures taken by federal agencies include the establishment of zero-trust cybersecurity models under M-22-09, the Cyber Incident Reporting for Critical Infrastructure Act, and the inclusion of cybersecurity provisions in the Bipartisan Infrastructure bill. These initiatives demonstrate the administration’s recognition of the pressing need to fortify the nation’s defenses against cyber threats.

The Persistent Threat of Ransomware

Despite the administration’s efforts, the recent Colonial Pipeline attack highlighted the vulnerability of critical infrastructure to ransomware attacks. While President Biden swiftly signed EO 14028 after the attack, which showcased his commitment to addressing the issue, the reality remains that US critical infrastructure is not yet adequately prepared to handle the growing ransomware threat.

The April “State of Ransomware Report” by BlackFog revealed an alarming escalation in ransomware attacks on healthcare, government, and critical infrastructure sectors. Although certain reports suggest a slowdown in attack volumes, this indicates an ongoing and persistent threat that demands sustained attention and action.

Allocating Resources for Cybersecurity

To confront the evolving cyber landscape, the FBI has requested over $63 million in additional funding for 2024, including the expansion of its workforce by 192 positions, comprising special agents, intelligence analysts, and other staff. Additionally, the funding aims to enhance cyber information-sharing capabilities and increase the availability of cyber tools and capacities.

The FBI’s request for more resources underscores the need for continued investment in cybersecurity personnel and technology. As cyber threats become increasingly sophisticated and pervasive, adequately equipping agencies to defend against these attacks is crucial.

Conclusion: A Comprehensive Approach to Cybersecurity

As the Cybersecurity Coalition urges the Biden administration to swiftly nominate a new National Cyber Director, the significance of this position cannot be overstated. Ensuring strong leadership for the Office of the National Cyber Director is paramount in addressing the ever-changing cyber landscape and safeguarding national security interests.

Simultaneously, clarifying the roles and responsibilities of key cybersecurity entities through an executive order will establish a consistent and effective approach, minimizing confusion and maximizing the impact of cybersecurity measures. The Biden administration’s dedication to fortifying the nation’s cybersecurity is commendable, but it must remain vigilant in the face of persistent threats and allocate the necessary resources to confront them.

Ultimately, the battle for cybersecurity is not one that can be won through isolated actions. It requires a comprehensive whole-of-government approach, robust collaboration with industry leaders, and continued investment in personnel and technology. Only through these combined efforts can the nation effectively navigate the complex and ever-evolving cyber landscape and mitigate the potential risks that lie ahead.