A coalition of cybersecurity-focused industry groups and nonprofits are urging the Biden administration to prioritize the swift nomination of a new National Cyber Director after the departure of Chris Inglis.
In a letter sent Wednesday to White House chief of staff Jeff Zients, the groups ask Biden to commit to naming a replacement director by the end of July, writing that speedy action “is crucial in filling this role to protect our nation against ongoing threats and effectively tackle the challenges that lie ahead of us.”
Inglis, who served as the first-ever leader for the Office of the National Cyber Director, helped stand up and staff the body after it was created by Congress in 2021, and many of the officials working there today were handpicked by the former U.S. intelligence official.
Inglis left his post in February, weeks before ONCD unveiled a long-awaited update to the nation’s cybersecurity strategy that is meant to guide major aspects of U.S. cyber policy over the next decade. In his absence, deputy National Cyber Director Kemba Walden has occupied the post in an acting capacity and has overseen the rollout of the strategy and a follow-up implementation plan that is expected to be completed later this year.
In their letter, the groups praise the work of past leadership and argue that putting new permanent leadership in place is essential to maintaining the momentum the office has built up over the past two years.
“[W]e are concerned that the delay in nominating a candidate…could impede the great work accomplished under Director Inglis and Acting Director Walden, hinder the implementation of the National Cyber Strategy, and jeopardize the effectiveness of ONCD. The nomination of this position presents a critical opportunity for the Administration to cement the significance of this office,” the groups state.
Signatories for the letter include the Cybersecurity Coalition, BSA/The Software Alliance, the Information Technology Industry Council, the Center for Cybersecurity Policy and Law and the Better Identity Coalition.
For his part, Inglis has consistently praised Walden in the wake of his exit, highlighting her skills and capabilities in his resignation letter to the White House and telling SC Media in April that part of the reason he felt comfortable stepping away before the strategy could be implemented was because he knew Walden would be steering the wheel after he left.
In response to questions about the letter, Inglis told SC Media that he shared in the belief that a prompt replacement nomination was necessary to help the fledging ONCD succeed in its long-term goals. He also suggested that the White House has had plenty of time to work out a successor, as they have known since late last year that he intended to step down.
“I do agree that it is vitally important to sustain the momentum of the work accomplished over the first two years of the Office of the National Cyber Director by affirming the administration’s and Senate’s continued support for the position through nomination and confirmation,” Inglis wrote. “It has been more than eight months (3 months before my departure) since I notified the White House of my intent to retire upon approval of the national cyber security strategy, which was expected in the first quarter of 2023 along with, at their request, criteria outlining the needed experience and capabilities, and names of possible successors.”
He added that “Kemba is eminently well-qualified and has done a superb job in the position.”
The groups also urged Biden to issue an executive order to publicly “clarify” the distinct roles and responsibilities that different federal offices and agencies have around cybersecurity, including ONCD, the Cybersecurity and Infrastructure Security Agency, the White House National Security Council, the Office of Management and Budget and the National Institute for Standards and Technology.
While Congress created ONCD in an effort to, as one Senator put it, give legislators “one throat to choke” when it came to overseeing U.S. cyber policy, Inglis and others have often stressed that the realities of interagency cooperation around the issue require a far messier arrangement, with each agency often bringing unique authorities and insights that make total or significant centralization nearly impossible.
The insertion of ONCD into the federal hierarchy also reportedly led to friction and turf battles, with Bloomberg reporting in April that Inglis and deputy national security advisor Anne Neuberger frequently clashed over coordination around the national cyber strategy, overlaps between their respective authorities and other slights.
While the letter sent to the White House Wednesday does not mention the Bloomberg article, it does employ similar language about concerns of “potential overlaps” around federal cyber policy when justifying the need for an executive order.
“Congress’s decision to make this a Senate-confirmed position has created potential overlaps, making such a clarification necessary. However, the way these issues are handled will define the Biden Administration’s lasting impact on cybersecurity policy and can demonstrate a comprehensive whole-of-government cybersecurity approach," the groups wrote.