Reps. Jim Langevin, D-R.I., and Ted Lieu. D-Calif., aim to mandate that the Trump administration fill its cyber coordinator position left vacant in the wake of Rob Joyce’s departure in early May 2018.
The two congressmen introduced the Executive Cyberspace Coordination Act May 15, 2018, which would create a National Office for Cyberspace in the Executive Office of the President, cementing a new cyber advisory role within the White House into law.
“We have had three excellent cybersecurity coordinators since the late Howard Schmidt originated the position. It is an enormous step backwards to deemphasize the importance of this growing domain within the White House,” Langevin said in a news release on the bill.
“We need a designated expert to harmonize cyber policy across the many agencies in government with responsibility in this space. We also need clear communication of administration positions on cybersecurity challenges, whether during major incidents or when establishing norms of responsible state behavior in cyberspace.”
The Protecting the American Process for Election Results (PAPER) Act establishes directives and grants for states to harden systems against manipulation.
The cyber coordinator role was originally established by President Barack Obama in 2009, and was held by two cyber experts prior to Joyce.
Reports surfaced just days before Joyce’s departure that the new national security adviser, John Bolton, was looking to cut the position in order to streamline authority in the White House. An aide to Bolton wrote an email to National Security Council employees May 15 announcing that the cyber coordinator role would be officially ending, Politico originally reported.
“The decision to eliminate the top White House cyber policy role is outrageous, especially given that we’re facing more hostile threats from foreign adversaries than ever before,” Lieu said.
“This move impedes our country’s strategic efforts to counter cybersecurity threats against our country. Fortunately, our bill will fill in those holes in government cybersecurity oversight by creating a National Office for Cyberspace in the White House. A coordinated effort to keep our information systems safe is paramount if we want to counter the cyber threats posed by foes like Russia, Iran and China. To do anything less is a direct threat to national security.”
The private sector has also been critical of the choice to end the cyber coordinator role, as the government already lacks cybersecurity leadership, such as with the still-vacant federal chief information security officer position.
“Eliminating the White House’s top cybersecurity job is vexing for a number of reasons. It comes at a time when our greatest cyber-adversaries, namely Russia, Iran and North Korea, are more relevant than ever on the global stage, and the county already lacks central cybersecurity leadership. There is a lack of discipline and finality in the government when it comes to tackling the cyber crises that we’re facing on a global scale, so choosing not to fill the role previously held by Rob Joyce would only weaken the nation’s cybersecurity posture,” said Netskope CEO Sanjay Beri.
Should the bill be enacted, it would establish a Senate-confirmed director of the new National Office for Cyberspace, who would be responsible for “recommending security measures and budgets for federal agencies, coordinating issues relating to cyberspace across the government while promoting civil liberties and centralizing defense of federal information infrastructure in the event of a large-scale attack,” according to the news release.
Langevin has introduced similar bills in 2011, 2013 and 2015, which didn’t make it out of House committee.