Should the director of the nation’s top civilian cybersecurity agency serve a defined five-year term of appointment by law?
A group of bipartisan House legislators think so, introducing a measure -- known as the CISA Leadership Act -- that sets to five years the tenure of the Cybersecurity and Infrastructure Security Agency’s (CISA) director. Why? Because the position is a President-nominated and Senate-confirmed post and should not be subject to changing political winds, the bill's backers said. And, as the cybersecurity landscape evolves, CISA’s leadership needs to remain stable. The position is too important to accommodate an interim leader, proponents assert.
Moreover, a predictable five-year term for CISA's leadership could improve cybersecurity synergies and communications between MSSPs, incident response (IR) companies and the federal government.
Current CISA Leadership, And Potential Term Details
Jen Easterly, President Biden’s nominee for the post who was unanimously confirmed by the Senate in July 2021, currently heads the agency, which operates as the Department of Homeland Security’s cyber wing. Currently, the CISA Director lacks a set term. Should the bill make it through Congress for President Biden’s signature, it’s unclear how Easterly’s incumbency would be affected.
The bottom line: Whoever holds CISA’s reins would be appointed for five years, in principle not unlike Congressional representatives at two years or Senators at six years. The president can’t fire the person just because he wants to, as was the case with Christopher Krebs, the agency’s initial director who former President Trump unceremoniously showed the door in November, 2020 following the national election.
Perhaps with that history in mind, the bill’s bipartisan sponsors advocate consistent CISA leadership.
“With cyber attacks on the rise, CISA, the lead federal civilian cybersecurity agency for the United States, needs consistent and stable leadership presiding over our nation’s cyber preparedness,” said Rep. Andrew Garbarino (R-NY), the ranking member of the House Homeland Security Committee’s cybersecurity subcommittee. “This bipartisan bill will remove any uncertainty from the CISA Director role so that the Director can focus squarely on strengthening our cyber posture.”
Additional sponsors include Bennie Thompson (D-MS), who chairs the House Homeland Security Committee, ranking member John Katko (R-NY), cybersecurity subcommittee Chairwoman Yvette Clarke (D-NY), and Reps. Jim Langevin (D-RI), Mike Gallagher (R-WI) and Ralph Norman (R-SC).
Ejecting politics from affecting CISA’s top rung was cited by a number of lawmakers as prompting the new bill. "Cybersecurity isn't a partisan issue,” Thompson and Clarke said. “As the cyber threats facing the nation continue to evolve, we need steady leadership at .” In a similar statement, Katko said that “stable leadership at the helm of CISA” is what the nation needs to stare down the “most dynamic and complex cyber threat landscape in history.”