The White House has eliminated the role of cybersecurity coordinator following the departure of Rob Joyce, and many lawmakers and cybersecurity experts are not happy with the decision.
After news broke that Joyce was leaving his post and returning to the National Security Agency (NSA), cybersecurity professionals were hoping to see someone at least equally competent fill the position. However, president Donald Trump's new national security adviser, John Bolton, has announced that the role will be eliminated from the National Security Council (NSC).
Politico reported that the decision is part of an effort to “streamline authority” and the duties of the cybersecurity coordinator will be performed by the two other senior directors on the NSC cyber team.
“Streamlining management will improve efficiency, reduce bureaucracy and increase accountability,” an NSC spokesperson told Politico.
The cybersecurity coordinator, a role that became an assistant to the president during the Obama administration, was in charge of developing policy for defending the United States against sophisticated cyber threats.
Several Democrat lawmakers, including Jim Langevin, Mark Warner and Ted Lieu, opposed the decision.
“This is yet another example of the Trump Administration talking a big game on national security but taking steps that directly undermine our ability to combat emerging threats. As a computer science major and Air Force veteran, I can tell you that eliminating the White House cybersecurity coordinator will endanger our economy, critical infrastructure, and possibly American lives,” Lieu said.
Warner wrote on Twitter, “Mr. President, if you really want to put America first, don’t cut the White House Cybersecurity Coordinator — the only person in the federal government tasked with delivering a coordinated, whole-of-government response to the growing cyber threats facing our nation.”
While there are a few cybersecurity professionals who applaud the decision, many believe eliminating the role is a big mistake.
“It is clear to everybody that cybersecurity needs to be the highest priority at all levels. Not having a dedicated person focused on the cyber security strategy causes two different challenges - one is the fact that there will be no dedicated focus on public-private cybersecurity strategies, cyber laws etc…and second is that it will send a wrong message to other nations and malicious actors,” Rishi Bhargava, co-founder of Demisto, told SecurityWeek.
“This is a major mistake and a poor message to send to the world,” said Joseph Carson, chief security scientist at Thycotic. “Only a few months ago during the World Economic Forum (WEF), its latest report moved cyber-attacks to be the third greatest impact to global economies just behind natural disasters and climate change. If Mr. Bolton eliminates the essential White House Cybersecurity job without a concrete plan to keep all government agencies aligned, this could be the second greatest mistake by the White House following the withdrawal of the Paris Agreement.”
Sanjay Beri, the CEO of Netskope, commented, “The U.S. needs cybersecurity leadership today more than ever, but the current structure of our top officials needs to be overhauled if we hope to correct course. Forming a cohesive cyber defense strategy has become nearly impossible as hundreds of departments report into a siloed set of decision makers. Instead of eliminating jobs we need to be creating them, and the first step in the right direction would be the appointment of a federal CISO to oversee all of our nation’s cybersecurity initiatives and promote inter-agency collaboration.”