The Cybersecurity Coalition has penned a letter to the White House Chief of Staff, urging the Biden administration to nominate a new National Cyber Director (NCD) by the end of July. The letter emphasizes the need for prompt action given the evolving and increasingly complex cyber landscape.
The missive recognizes the nomination as a “critical opportunity” to solidify the significance of the Office of the National Cyber Director (ONCD), which was established under the guidance of former director Chris Inglis. It urges the administration to swiftly send a nomination to the Senate and advocate for an expedited confirmation process to avoid delays associated with approaching elections.
Inglis, a long-time executive at the National Security Agency (NSA) and cybersecurity specialist, retired in February after 30 years of service in federal agencies. He was unanimously confirmed in 2021 as Biden’s top cybersecurity advisor.
The signatories of the letter, including the software alliance BSA, the Information Technology Industry Council, the Center for Cybersecurity Policy and Law, and the Better Identity Coalition, express concern that the delay in nominating a candidate for the NCD role could impede the progress made under Inglis, hinder the implementation of the National Cyber Strategy, and undermine the effectiveness of the ONCD.
The letter also calls for an executive order (EO) to clarify the roles and responsibilities of key cybersecurity entities, such as the ONCD, NSC, CISA, OMB, NIST, and other relevant organizations. The signatories see this EO as essential to preventing confusion and establishing the cybersecurity-oriented functions of these entities.
The statement highlights the importance of handling these issues to define the Biden Administration’s lasting impact on cybersecurity policy and demonstrate a comprehensive whole-of-government approach to cybersecurity.
The Biden Administration has already undertaken several key efforts to enhance cybersecurity. In May 2021, President Biden signed EO 14028, which mandated new security requirements for critical infrastructure organizations. The administration has also issued National Security Memorandum 5, specifically targeting critical infrastructure control systems, and has taken steps to establish zero-trust cybersecurity models in federal agencies under the guidance of M-22-09. Additionally, the administration has introduced the Cyber Incident Reporting for Critical Infrastructure Act and incorporated cybersecurity provisions in the Bipartisan Infrastructure bill.
Despite these efforts, US critical infrastructure remains vulnerable to ransomware attacks. The “State of Ransomware Report” from BlackFog in April revealed that ransomware attacks on healthcare, government, and the critical infrastructure sector continue to grow. This is in contrast to other reports indicating a slowdown in attack volumes.
Recognizing the ongoing threat, the FBI is seeking over $63 million in new funding to combat cyber threats in 2024. The funding would support the addition of 31 special agents, eight intelligence analysts, and 153 staff members dedicated to cybersecurity. It would also enhance cyber information-sharing abilities and increase cyber tools and capacities.
In conclusion, the Cybersecurity Coalition’s letter emphasizes the urgent need for the Biden administration to nominate a new National Cyber Director and advocates for an executive order to clarify the roles of key cybersecurity entities. The ongoing threats to US critical infrastructure highlight the importance of these actions in strengthening cybersecurity defenses and protecting against ransomware attacks. The coalition’s recommendations aim to solidify the administration’s commitment to cybersecurity and establish a comprehensive approach to tackling cyber threats.