Inglis will be tasked with setting up the Office of the National Cyber Director and serving as the administration’s central coordinator for cybersecurity efforts. The role was passed into law by Congress in December.
Rep. Jim Langevin (D-R.I.), who serves as a commissioner of Congress’s bipartisan Cyberspace Solarium Commission, says the 28-year NSA veteran is well suited to the task of strengthening relationships both with the private sector and between agencies. Inglis was also a member of the commission.
“I absolutely have high confidence that Chris will be a great point person working with the private sector,” Langevin said in an interview. “He has an incredibly clear vision of how much we need to work hand-in-hand with industry to get ahead of our adversaries.”
Langevin pointed to Inglis’s support of the commission’s recommendations for a “joint collaborative environment” to collect and share threats across the private sector and federal government. The idea has picked up steam in recent congressional hearings examining the SolarWinds hacking campaign.
Despite the NSA’s reputation as territorial, Langevin says that Inglis is far from “parochial” and “takes a whole of government approach.” As a commissioner, he was a strong advocate for CISA and Langevin believes he will champion the agency’s needs with the White House, as well.
Inglis will work closely with fellow former NSA official Anne Neuberger.
Neuberger, who now serves as deputy national security adviser for cyber and emerging technology on the National Security Council, has overseen the White House response to the SolarWinds attack in the absence of a cyber director. There are still questions of how responsibilities will be shared between the two roles.
The two former NSA officials worked closely at the agency and are expected to collaborate well, Dmitri Alperovitch, chairman of Silverado Policy Accelerator, told Ellen Nakashima. Ellen first reported plans for the nominations.
“I am looking forward to working with Chris and Jen to continue building back better to modernize our cyber defenses and enhance the nation’s ability to prevent and respond effectively to cybersecurity incidents,” Neuberger said in a statement. “We will work closely with cybersecurity leaders across the United States Government, the private sector, Congress, and dedicated front line cyber responders to keep our networks safe and secure.”
Easterly, another NSA veteran, will inherit CISA’s full plate of cleaning up the SolarWinds and Microsoft attacks and dealing with a growing crisis of cyberattacks against state and local governments and organizations. If confirmed, she will be the agency’s first permanent director since then-President Donald Trump fired former CISA Director Chris Krebs in November.
“Ms. Easterly brings substantial credibility and a reputation of working productively between government and the private sector to increase the cybersecurity resilience of the nation,” Rep. John Katko (N.Y.), the top Republican on the House Homeland Security Committee, said in a statement. “I look forward to working with Ms. Easterly and Chairman [Rep Bennie Thompson (D-Miss.)] to ensure that CISA has the resources, workforce, and authorities it needs to carry out its mission.”
The private sector also expressed confidence in the nominees.
“We hope the Senate will quickly confirm these well-qualified nominees so that they can join an already impressive team of cyber experts in top positions across the administration,” said Ryan Gillis, vice president of cybersecurity strategy and global policy at Palo Alto Networks. “We look forward to continued collaboration to help meet the government’s cyber mission.”
The Information Technology Industry Council, which represents both cybersecurity and tech companies including IBM, Google, Apple and Amazon, also expressed support for the nominees.
“As adversaries become more sophisticated and well-resourced, it’s essential that the public and private sectors continue to forge productive relationships toward a more resilient digital infrastructure,” said Jason Oxman, president and chief executive of the trade association.
Lawmakers and officials, including Department of Homeland Security Secretary Alejandro Mayorkas, are urging the Senate quickly confirm the nominees.
An aide to Senate Homeland Security and Government Affairs Committee Chairman Gary Peters (D-Mich.) said the committee considers the nomination a top priority and intends to move quickly.
It’s unclear, however, which Senate committee will oversee the confirmation hearings for Inglis. The Cyberspace Solarium Commission has recommended the Senate Homeland Security and Governmental Affairs Committee also oversee the hearings; however, no final decision has been made.
In the meantime, legislators are working to drum up funding for the new office. Langevin says lawmakers are pursuing multiple paths, including the appropriations process, and he is confident “the White House will find some money” in the meantime.
Two other key cyber roles got filled yesterday.
The White House also nominated Rob Silvers for undersecretary for strategy, policy and plans at DHS. The former DHS assistant secretary for cyber policy for the Obama administration is expected to take on cybersecurity issues in the new role.
Meanwhile, the Department of Energy brought on Puesh M. Kumar as acting principal deputy assistant secretary of its cybersecurity division.
Some reaction on the Internets:
Huntress CEO Kyle Hanslovan called for a “rigorous” confirmation process to show their experience:
The keys
Researchers say that remote-work companies are being increasingly targeted amid the pandemic.
The business services industry shot up to be the most-targeted industry among hackers, according to a new report from cybersecurity firm FireEye. Researchers are attributing the rise to the shift to remote work during the pandemic.
“While Business and Professional Services has been in the top five most targeted industries since 2016, we believe the sudden boost in business services necessary for remote working has made this industry the most targeted in 2020 by cybercriminals and state-sponsored threat actors,” Jurgen Kutscher, Mandiant’s executive vice president for service delivery, said in a statement. Cybersecurity firm McAfee, meanwhile, said that it detected 114 percent more coronavirus-related cyberattacks.
The semiconductor industry praised Biden for including chip funding in an infrastructure package.
The Semiconductor Industry Association quickly praised the meeting, with President and CEO John Neuffer commending the Biden administration for funding semiconductor initiatives in its infrastructure package.
Biden included $50 billion for U.S. chip production in his $2 trillion infrastructure plan, which came as the semiconductor industry faces a global shortage caused by an unprecedented surge in demand.
There is already movement on the U.S. chip production front, with Intel CEO Pat Gelsinger, who attended the White House meeting, saying that his company is in talks to produce car semiconductors within six to nine months.
White House press secretary Jen Psaki said the meeting with chip executives wasn’t one “where we expect a decision or an announcement to come out,” but was more of a listening session to hear about the impacts of the shortage and what would help most.
An Israeli spyware firm made its case to a U.S. appeals court.
NSO Group argued that it should be immune to federal lawsuits, including one by WhatsApp and parent company Facebook, because of its relationship to its foreign clients. At the center of the lawsuit is the company’s Pegasus software, which WhatsApp said infected 1,400 users of its app. Pegasus victims have included journalists.
The hearing came a year and a half after WhatsApp and Facebook first sued the Israeli company. A federal judge in July allowed much of the case to proceed despite NSO’s protests, leading to the appeal.
Cyber insecurity
Daybook
- Cybersecurity officials and researchers speak at a three-day symposium hosted by the National Security Agency that begins today at 9 a.m.
- Former Cybersecurity and Infrastructure Security Agency (CISA) director Chris Krebs speaks at an election security event hosted by Georgetown University today at 5:30 p.m.
- Acting Assistant Secretary of Energy Patricia Hoffman discusses maritime energy cybersecurity at an Atlantic Council event on Wednesday at 10 a.m.
- U.S. intelligence chiefs testify before the Senate Intelligence Committee on Wednesday at 10 a.m.
- Microsoft president Brad Smith and Dominic LeBlanc, Canada’s minister of intergovernmental affairs, discuss combating election interference at an Alliance for Securing Democracy event on Wednesday at 12:15 p.m.
- A Senate Armed Services Committee panel holds a cybersecurity hearing on Wednesday at 2:30 p.m.
- U.S. intelligence chiefs testify before the House Intelligence Committee on Thursday at 9 a.m.
- Former Director of National Intelligence John Ratcliffe speaks at a Heritage Foundation event on April 19 at 11 a.m.
- CISA executive assistant director for cybersecurity Eric Goldstein speaks at the Industrial Control Systems Joint Working Group’s spring virtual meeting on April 20 at 8:30 a.m.