Joe Biden had already upped his cybersecurity game during the race to the White House. The Democratic President had on-boarded former White House cybersecurity official Chris DeRusha as the CISO and Jacky Chang as the Chief Technology Officer for his election campaign. Yet his campaign website “Vote Joe” was defaced by Turkish threat actors. It did not stop here. His election app was also vulnerable to a cyberattack whose proof-of-concept was provided by white hat hackers from Promon. These incidents, along with the devastation and compromise caused by the SolarWinds cyberattack, have probably pushed the newly appointed POTUS to rethink the national cybersecurity posture immediately.
On his first day in office, Biden has already made his intentions clear that he is serious about cybersecurity. He has introduced and sanctioned a host of cybersecurity plans starting with three new appointments to key national cybersecurity positions.
We had earlier reported that Biden had plans of appointing Anne Neuberger to the newly formed National Security Council (NSC). If reports are to be confirmed, the NSA Cybersecurity Director will now prefix a “Former” title to her current designation and move to her new position – Deputy National Security Adviser for Cyber and Emerging Technology. Neuberger has successfully led the NSA Cybersecurity Directorate since its inception in 2019 and played a pivotal role in countering 2020 U.S. election interferences from foreign adversaries.
This appointment meant that the top spot of NSA Cyber command was up for grabs. But, filling up Neuberger’s shoes is a huge task itself. Biden, however, seems to have found a perfect fit in Rob Joyce.
— NSA/CSS (@NSAGov) January 15, 2021
Joyce previously served as NSA’s senior representative to the U.K. at the U.S. embassy in London. He has a proven track record of more than 30 years in federal services and served in critical positions, including special assistant to the president and cybersecurity coordinator at the White House, deputy homeland security adviser and acting homeland security adviser.
Michael Sulmeyer is another name that has come up in Biden’s White House. Sulmeyer has been appointed as the Senior Director for Cyber. He comes with the experience of having served as a senior adviser to National Security Agency director and U.S. Cyber Command commander Gen. Paul Nakasone. The White House, however, is yet to decide what duties Sulmeyer will disperse in his new role.
Apart from these three, the U.S. Senate approved Avril Haines as the Director of National Intelligence.
This morning Avril Haines took the oath of office to serve as Director of National Intelligence. DNI Haines is the first woman to lead the U.S. Intelligence Community. https://t.co/r3Aqn7aaoS
— Office of the DNI (@ODNIgov) January 21, 2021
What makes this appointment more noteworthy is that Haines is the seventh director of National Intelligence but the FIRST woman to lead the country’s intelligence community. Women in cybersecurity are breaking ground and, more importantly, the stereotypes.
Biden Reviews SolarWinds Hack
Biden has swiftly moved into the office and took charge. The POTUS has already signed 17 executive orders on his first working day and seems enthusiastic about getting a hold of things at the earliest. His enthusiasm is not just limited to undoing the policies of the previous chair in the White House but also in knowing the impacts of the previous regime and taking immediate remedial measures. It is with this view that Biden has ordered the U.S. intelligence agencies to provide him with an assessment of a suspected Russian espionage operation, popularly known as the SolarWinds cyberattack, which breached multiple U.S. federal agencies and exposed glaring weaknesses in U.S. cyber defenses.
The early days of Biden’s administration will be under the lens of his critics and his supporters, and the tact with which he responds to such a sophisticated spying operation against the nation may just as well define the way forward for his regime. What information would be given to Biden in the intelligence brief is still not clear, but by the looks of it, he sure seems keen enough on learning and seeking answers to the 4W’s and H of the hacking incident.
Biden Proposes $10 Billion Cybersecurity Spending
Biden’s role in making cybersecurity appointments and plans look realistically promising. However, to materialize such large level blueprints, one needs monetary investments. Giving this a deep thought, Biden, in his $1.9 trillion COVID-19 stimulus, also included a $9 billion spending proposal to help the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the General Services Administration (GSA) upgrade their cybersecurity and IT projects.
Additionally, Biden also proposed spending another $1 billion over cybersecurity and IT initiatives, including the hiring of security experts in the Office of the U.S. Chief Information Security Officer as well as the Digital Service unit in the White House; additional IT projects within the GSA; and for CISA’s multiple in-house projects aimed at improving its monitoring and incident response capabilities across all federal agencies.
Security experts are lauding Biden’s efforts and backing him in the fight against evolving cyberthreats. However, there are a few more laws and acts that need urgent attention and upgrade, including the Federal Information Security Act and the 1990 Chief Financial Officers Act, so that smaller federal agencies also benefit from the investments and resources that the new government is bringing to the table.
We hope Biden and his C–Suite are listening to this.
About the Author
Mihir Bagwe is a Tech Writer and part of the editorial team at CISO MAG. He writes news features, technical blogs, and conducts interviews on latest cybersecurity tech and trends.