At long last, the whole cybersecurity team is here. Almost.
On April 12, President Joe Biden announced his intent to nominate officials for key cybersecurity posts at a time when the federal government is working to respond to the fallout from the suespected Russian cyberattack, widely known as the SolarWinds breach, since a malicious update to the company’s Orion software was used as a vector for the attack.
Biden selected John “Chris” Inglis to become the nation’s first national cyber director, and he tapped Jen Easterly to lead the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.
Inglis, a former deputy director of the National Security Agency, was also a member of the Cyberspace Solarium Commission, and helped craft the recommendation to create the position. In addition to serving as the coordinator of federal cybersecurity strategy, Inglis, if confirmed, will need to work with other key advisers and government agencies to help craft a response to the attack.
Easterly formerly served as the senior director for counterterrorism and as the deputy for counterterrorism at the NSA. The White House notes that she was “instrumental in the design and creation of United States Cyber Command.”
Anne Neuberger, deputy national security advisor for cyber and emerging technology, said in February that nine federal agencies and about 100 private sector companies were compromised in the SoalrWinds attack, although about 18,000 entities had downloaded malicious software through the Orion updates, as MeriTalk reports. Brandon Wales, the acting director CISA, told the MIT Technology Review in March it would take the U.S. government a year to 18 months to fully recover from the Russian attack.
In addition to the SolarWinds hack, federal agencies are assessing the impact of another wide-ranging cybersecurity breach, affecting tens of thousands of organizations that use Microsoft’s Exchange Server system, which Microsoft has attributed to a Chinese government-backed hacking group.
In a joint statement, Sens. Angus King (I., Maine) and Ben Sasse (R., Neb.) and Reps. Jim Langevin (D., R.I.) and Mike Gallagher (R., Wis.) praised the nominations of Inglis and Easterly, as The Wall Street Journal reports. The four lawmakers are the bipartisan leaders of the Cyberspace Solarium Commission, a group that amde recommendations on changes to cybersecurity policy. However, as the Journal reports, if Inglis and Easterly are confirmed, “three of the most important cybersecurity jobs in the administration not housed within the NSA could soon be run by NSA veterans,” as Neuberger also worked at the NSA.