The Biden administration has hit the ground running on cybersecurity, reportedly getting ready to nominate what some have called a “world-class” cybersecurity team of officials and prioritizing efforts to tackle the worst hack in US history, the SolarWinds breach. The renewed effort to tackle cybersecurity matters couldn’t come soon enough. The Trump administration all but gutted the White House and other government offices of cybersecurity expertise. In a series of steps that started with the elimination of a White House cybersecurity coordinator and ended with the firing of Christopher Krebs, the highly respected head of the Cybersecurity and Infrastructure Security Agency (CISA), the government suffered a serious cybersecurity brain drain during the Trump era.
The first sign that the current administration plans to take cybersecurity more seriously than the previous one did is the hiring of National Security Agency (NSA) official Anne Neuberger to fill the new position of Deputy National Security Adviser for cyber and emerging technology. Neuberger led the NSA’s cybersecurity defense operations and created the Russia small group at the agency to protect the 2018 mid-term elections from the kind of digital damage that marred the 2016 presidential election.
Biden has also tapped former senior national security officials with expertise in cybersecurity. Among them are Michael Sulmeyer, who serves as senior director for cybersecurity; Elizabeth Sherwood-Randall, named homeland security adviser; Russ Travers, deputy homeland security adviser; and Caitlin Durkovich, now a senior director for resilience and response at the National Security Council.
Biden reportedly plans to nominate Rob Silvers to become director of the Cybersecurity Infrastructure Security Agency. Silvers is a former senior official for cybersecurity policy at the Department of Homeland Security (DHS) and now chairs the privacy and cybersecurity practice at law firm Paul Hastings. If confirmed, Silvers reportedly has an ally in newly confirmed Homeland Security Secretary Alejandro Mayorkas, who has been praised for his cybersecurity knowledge and commitment to helping CISA secure federal government systems.
Jen Easterly, a veteran government official whose portfolio includes helping to design and develop US Cyber Command, serving as Deputy for Counterterrorism at the NSA as well as special assistant to the President and senior director for counterterrorism under President Obama, is reportedly Biden’s pick to fill the newly created Cybersecurity Director role at the White House. Easterly is currently the global head of the Cybersecurity Fusion Center at Morgan Stanley.
Biden to hold SolarWinds breach perpetrators responsible
When it comes to the SolarWinds breach, Biden signaled the day after he was inaugurated that he would hold the purported Russian hackers to account for the breach by asking the intelligence agencies for a full assessment of the hack. “Even as we work with Russia to advance US interests, so too we work to hold Russia to account for its reckless and adversarial actions,” White House Press Secretary Jen Psaki said. The US reserves the right to respond “at a time and in a manner of our own choosing to any cyberattack,” she added.
Biden needs to move quickly now to gain international support for any action he might take to constrain the SolarWinds perpetrators, Theresa Payton, CEO of security company Fortalice, former White House CIO and author of the recent book Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth, tells CSO. “I would say to President Biden, as those congratulatory calls are coming in from other nations’ leaders, mention to them the ongoing cyber warfare, the theft of intellectual property, the attacking of hospital infrastructure with ransomware. He needs to be gaining agreement from all the world leaders that they don't just condemn those acts,” but they also support punitive measures for the bad actors, Payton says.
“It's time to round up the operatives who conduct these nefarious cyber activities and actually start putting our muscle where our mouth is,” says Payton. “Through either sanctions or international court hearings, there needs to be a willing coalition of countries that band together and say, ‘No longer under our watch will we accept the following cybercrimes.’”
Bringing all malicious cyber actors to justice should be a focus for the Biden administration, Megan Brown, head of the cybersecurity practice at law firm Wiley Rein tells CSO. “The NetWalker ransomware guys are evil people, right?” she says, referring to the recent international take-down of Emotet malware and NetWalker ransomware strains. “So, we need to be signaling. We have to send that message to them by indicting them in absentia” even if law enforcement is never going to round up any foreign cybercriminals because they remain out of the US legal system’s reach.
Administration should move fast but watch for overcorrections
Whatever cybersecurity priorities the administration identifies, Biden and the Congress need to move fast, Payton says. “Every administration tends to want to come in and do a study for 90 days on what's working well, what's not working well, where do we need to head? As SolarWinds has demonstrated, we don't have the luxury of another 90-day study.” Biden should “ask each of the departments and agencies and the military, ‘What's your action plan?’ If there’s any kind of study, it needs to be on the action plan.”
Brown argues that the administration needs to make sure that any quick action on cybersecurity doesn’t end up causing more harm than good. “Are we going to see maybe an overcorrection to SolarWinds or to some of these things that result in burdensome regulation or that chill information sharing and collaboration?”
She also wants policymakers on Capitol Hill to tap into true experts on cybersecurity before passing any legislative initiatives proposed by the administration. “I want staff to really make sure they're getting good information from trustworthy sources about the scope and scale of any of these issues because I worry that in a well-intentioned rush to dial up the security of federal networks and the contractors that support them, you could bring along some less good policy ideas,” says Brown.
Biden is already ahead of the curve by prioritizing cybersecurity and publicly talking about it, something that Donald Trump completely avoided, even when it came to the massive SolarWinds hack. “This issue is tone at the top,” Mark Weatherford, newly named CISO for Alert Enterprise and the former deputy undersecretary for cybersecurity in DHS in the Obama administration,” tells CSO. “When the president says something is important, everyone else is going to think it’s important.”