White House’s first national cyber director: will promote synergy among cyber security regulators

Inaugural National Network Director Chris Inglis said at the CyberScape online event hosted by GovernmentCIO Media & Research on August 19 that he is actively working to make a difference by driving technology coherence and fostering partnerships. The broader field of federal cybersecurity develops more complementary approaches and capabilities.

According to the conference organizer, GovernmentCIO Media & Research, cybersecurity is increasingly synonymous with national security. As people become more connected, integrate technology into current ICT infrastructure, and work to secure supply chains, this CyberScape online event will focus on dialogue with national security leaders.

Referring to the motivation for the new agency, Inglis said, “Officially, the web is important right now. Fundamentally, it’s something our national security, our economic vitality and our people’s lives depend on. We have to mention it. Important agenda. Not just for the private sector, but within government,” he said. “The role of the cyber director is to add value and context to[a diverse cybersecurity leadership].”

The Office of the National Cyber ​​Director received $21 million in funding from the Senate-passed infrastructure bill earlier this month, and Inglis expects the office to grow to about 75 people. At the same time, the government faces what Inglis described as historic challenges and problems with technology infrastructure and workforce. On August 15, John Costello, former deputy executive director of the U.S. Congressional Chartered Cyberspace Daylight Commission (CSC), has served as chief of staff for the Office of the National Cyber ​​Director (NCD).

“If we don’t defend well…then trying to get out of this situation is ultimately not going to be enough,” Inglis said. “My concern is… how do we leverage all these institutions? How do we bring them together so that they complement each other, with a focus on integration and collaboration rather than strengthening any one part.”

Inglis described his four main goals and responsibilities, which will shape the work in the coming months.

Promoting synergy in federal cybersecurity regulation

This goal includes strengthening various existing efforts, such as the Cybersecurity Executive Order. It also includes working with existing agencies, leaders to improve technology architectures, enrich other agency capabilities such as the Cybersecurity Infrastructure Security Agency (CISA) and the Department of Homeland Security (DHS), and other leadership roles such as the Chief Information Security Officer and other relevant heads of the defense sector.

“We have to maintain the strength of each branch … but try to make them work in harmony with each other and be able to achieve some kind of synergy,” Inglis said. “We have to create this centralized consistency, but also strengthen the edge.”

Inglis pointed out that the lack of consistency leads to inefficiencies, such as too much division of labor between departments and functions.

He said: “That misses the point that sometimes I can’t see the whole of a threat, or you can’t see the whole of a threat, and it’s only when we start comparing and contrasting that we get a sense of what we can’t see alone. way to see it.”

Strengthening public-private cooperation into good shape

Inglis stressed the importance of cooperation against threats. That means not creating too many divisions of functions to ensure “seamless integration gives us an edge in a confrontation,” Inglis said. This approach is critical because much of the cyber innovation takes place in the private sector, and the unique role of government implies access to information, diplomatic and financial power.

“Ultimately, we need to figure out how to use all the tools of power that we have — there are many in the private sector, more in government — and use those tools to integrate and coalesce so that we have cooperation,” he said. The way we work together doesn’t force our opponents into a situation where in order to beat one of us, they have to beat us all. “We don’t combine behavior with consequences, there should be rewards for good behavior and punishment for bad behavior. When you add all of this up, it creates a situation where invaders, whether criminals or nation-states, can take advantage of us because they find the weakest point. “

This strategy has many implications for the industry and can provide not only many lessons learned, but also a comprehensive approach to dealing with such emergency security incidents.

“Government also has a lot to learn,” Patrick Gorman, executive vice president of Booz Allen Hamilton, said at a separate conference. “Cooperation between the private and public sectors…is The key to a good partnership going forward.”

It also means keeping the acquisition process in mind when the government acquires technology and capabilities from the industrial sector.

“As we look at the entire ecosystem, we have to understand the nuances that develop over time,” VMware’s federal strategist Keith Nakasone said during the event. “Early and meaningful discussions with these agencies will yield better outcomes to improve the acquisition process and be able to provide meaningful solutions that address the requirements of these missions.”

Evaluate the effectiveness of the use of cybersecurity funds

As a way to support building cyber-resilient systems, Inglis pointed to a $1 billion IT modernization grant program for federal agencies that will be overseen by the General Services Administration and the Office of Management and Budget. Inglis said the role of the national cyber director is to help ensure funds are being used to address appropriate security concerns.

“We will track these funds to ensure they are being used for their intended purposes and to help these agencies and departments stay the course — and then report on their use to Congress as we have ordered.”

Inglis said the role of national cyber director “doesn’t need to replicate or compete with” existing jobs such as the Technology Modernization Fund (TMF). TMF funds projects for improvements, including strengthening critical infrastructure and ensuring system resilience. Instead, it will track those funds and make sure they are being used appropriately.

Increase resiliency against current and future cyber threats

Resilience to cyber threats requires a focus on both technology and people. That often means considering an appropriate budget, as well as time, attention, or adjustments to expectations, Inglis said.

“Going forward, it’s going to take some exercise to achieve the muscle memory needed to[these goals]… some role adjustments to do all this work,” he said.

Inglis noted that his office’s job is not done by the resources it has, but by collaboration to help maintain or leverage relationships.

He concluded: “We will enable, empower and support the work of hundreds of people in the public and private sectors so that teams will be greatly empowered because they have a structure that enriches each branch, rather than Operate alone.”

Further reading

The establishment of the Office of the National Cyber ​​Director has been welcomed by the Cyberspace Daylight Council, which recommends that it is an important step towards improving national cybersecurity. However, some lawmakers from both parties have demanded a clearer picture of how all the different cyber leadership roles will work together. Inglis’ statement is responding to this question.

Inglis, a former deputy NSA director, is working with Anne Neuberger, deputy national security adviser for cyber and emerging technologies, and CISA director Jen Easterly to coordinate the administration’s efforts Cybersecurity Policy. Both men had worked for the NSA.

Costello, Director of the Office of the National Cyber ​​Director, has extensive government experience. He has served as Deputy Assistant Secretary for Intelligence and Security at the Department of Commerce, Director of Strategy, Policy and Programs at the Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) ) and a Congressional Innovation Fellow on the House Oversight Committee. Served in the U.S. Navy and also served as a cryptolinguist for a Navy service. Costello has served as an adjunct senior fellow at the Center for New American Security Technologies and National Security Programs since February 2021, and briefly as a senior advisor at Washington-based consulting firm WestExec Advisors.

The Links:   RM500HA-24 2MBI100NE-120 MY-IGBT