Krebs cautions on push for national cyber director
The former CISA chief expressed confidence in Deputy National Security Advisor Anne Neuberger to help the White House confront the multiple cybersecurity incidents it is facing.
Chris Krebs, the federal government's former top cybersecurity official, on Thursday pushed back on statements from lawmakers urging the White House to rapidly nominate a national cyber director.
The former CISA chief said the establishment of a national cyber director within the White House is one of the few areas he disagreed with the recommendations of the congressional Cyberspace Solarium Commission, arguing instead the government should be "clarifying and strengthening existing agencies."
"There is a role for an NCD, but I believe the appointment of Anne Neuberger as Deputy NatSec Advisor to @POTUS addressed many of the concerns that prompted the creation of the NCD," Krebs tweeted.
Krebs' tweets were in response to a statement from Sen. Angus King (I-Maine) and Rep. Mike Gallagher (R-Wis.), who chair the congressional commission, addressing a Politico story reporting Russian hackers managed to breach the email inboxes of State Department officials last year.
"The problems we face in cyberspace, in federal networks or otherwise, are too complex and expansive for a small team at the NSC to handle. The Biden Administration must nominate a National Cyber Director in short order and begin constructing his or her office," King and Gallagher said.
The statement also said it is not clear whether the breach at the State Department is connected to the hacking campaign against SolarWinds.
Since Politico's story was published, the hack report has not come up during two subsequent daily press conferences with State Department spokesman Ned Price.
Lawmakers have been growing increasingly impatient with the White House as it continues to confront multiple cybersecurity incidents without a national cyber director nominee or a permanent director of the Cybersecurity and Infrastructure Security Agency.
Separately, the White House is expected to soon unveil an executive order focused on cybersecurity that will mandate software companies notify the federal government when their networks are breached. Department of Homeland Security Secretary Alejandro Mayorkas on Wednesday announced his agency would begin a series of 60-day sprints focused on ransomware, workforce, critical infrastructure and other areas.