U.S. Cybersecurity Policy, Strategy and Initiatives: Director Needed?
A bipartisan group of lawmakers has introduced legislation to establish a director to head the nation’s cybersecurity initiatives.
The recently introduced National Cyber Director Act would create a National Cyber Director within the White House, functioning as the President’s principal advisor on cybersecurity and associated emerging technology issues and recognized as the lead national-level coordinator for cyber strategy and policy. The legislation is sponsored by Reps. Jim Langevin (D-RI) and Mike Gallagher (R-WI) and backed by four additional congressional members.
The person filling the position would be nominated by the president and subject to Senate confirmation. A host of duties come with the job, including overseeing and coordinating federal government incident response activities, collaborating with private sector entities, and attending and participating in meetings of the National Security Council and Homeland Security Council. The Director would also develop and oversee implementation of a national cyber strategy to defend the nation’s interests and critical infrastructure against malicious cyber actors and would also participate in the preparation for cybersecurity summits and other international meetings in which cybersecurity is a focus.
Langevin called cybersecurity policy “complicated” and best addressed by a national leader commanding the issues and backed by budgetary authority. “Only within the White House can we cohesively develop and implement a truly whole-of-nation cyber strategy that is commensurate with the threats we face,” he said. “By establishing a National Cyber Director with the policy and budgetary authority to reach across government, we can better address cybersecurity vulnerabilities and gaps holistically and prevent catastrophic cyber incidents.”
In large measure, the idea for the new position springs from a large set of recommendations proposed by the Cyberspace Solarium Commission (CSC) last March on how best to defend the nation from cybersecurity threats. What awaits an encumbered federal bureaucracy and outdated strategies is an oncoming cyber disaster, the report said. Among its 75 recommendations are calls for a new national cyber director who would function as the president’s chief cybersecurity advisor.
Both Langevin and Gallagher hold positions of prominence in the CSC, with the former serving as its commissioner and the latter as its co-chair. Langevin first introduced legislation creating a White House cyber director position in 2010. That legislation was based on a recommendation from the report of the Center for Strategic and International Studies Commission on Cybersecurity in the Obama administration.
“While we are woefully unprepared for a cyber calamity, there is still time to right the ship,” said Gallagher. “As the Cyberspace Solarium Commission recommends, a critical first step in doing so is through the creation of a National Cyber Director who would not only coordinate a whole-of-nation response to an attack, but work to prevent it in the first place.”
The position would fulfill many of the responsibilities of the White House cybersecurity coordinator, a position eliminated in 2018 by former national security adviser John Bolton. In December, 2009, President Obama initially created the cybersecurity coordinator post and appointed Howard Schmidt to the job.