What Role Will the National Cyber Director Play?

The National Defense Authorization Act of 2021 created the position of national cyber director to serve as the principal adviser to the president on cybersecurity policy and strategy. In the wake of the suspected widescale Russian cyberattack against the government and private sector, the position takes on even more importance.

In addition to serving as the coordinator of federal cybersecurity strategy, the person the Biden administration chooses for the role (which requires Senate confirmation) will need to work with other key advisers and government agencies.

However, the immediate task at hand will be managing the response to the attack, which the government is still investigating. William Evanina, director of the National Counterintelligence and Security Center, said on Jan. 12 that the number of agencies and private sector companies affected by the attack will likely continue to grow, according to FCW.

“Once this individual is appointed and confirmed, this would be the individual who is coordinating the response,” Rep. Jim Langevin, one of the members of Congress who was deeply involved in getting the position created, tells The Hill.

REGISTER: Sign up for free to hear cybersecurity expert Theresa Payton discuss today's pressing IT security challenges. 

What Will the National Cyber Director Do?

The national cyber director will have many responsibilities. According to the statute, this person will be the main adviser and coordinator for information security and data protection, programs and policies intended to improve the U.S. cybersecurity posture, and efforts to understand and deter malicious cyber activity.

The person will also be in charge of efforts to enhance the security of IT services and promote national supply chain risk management and vendor security. That is of particular importance since the Russian hack came through the software supply chain.

Additionally, the national cyber director will be responsible for “diplomatic and other efforts to develop norms and international consensus around responsible state behavior in cyber-space,” according to the law, as well as initiatives around “awareness and adoption of emerging technology that may enhance, augment, or degrade the cybersecurity posture of the United States.”

Practically, job No. 1 will be responding to the Russian attack. As The Hill reports, “the Commerce, Defense, Energy, Homeland Security, Justice, State, and Treasury departments have all said they were compromised by the hack.”

“Rather than response being ad hoc and figuring out as we go, you’d have someone who has a well thought out plan for a thorough and aggressive response, and we would be much more effective,” Langevin tells The Hill about the role the cyber director will have in responding to the attack.

The law calls for the national cyber director to “lead coordination of the development and ensuring implementation by the Federal Government of integrated incident response to cyberattacks and cyber campaigns of significant consequence.” Those efforts include establishing with relevant agencies “operational plans, processes, and playbooks” for incident response, including the integration of defensive and offensive cyber plans and capabilities.

Experts argue that even before the national cyber director is confirmed by the Senate, the Biden administration should start adding staff to the director’s office. “The staffing effort should balance all available hiring authorities — to bring in personnel from outside the government — and specify which departments and agencies can offer detailees to the office in order to efficiently build its 75-member staff,” Mark Montgomery, senior director of the Center on Cyber and Technology Innovation, and Robert Morgus, a senior director for the U.S. Cyberspace Solarium Commission, write in War on the Rocks. “The goal should be to have the office up and initially functioning with 25 staffers by March 1 and fully functioning with 75 personnel by May 1.”