Members of the cyber-commission established under the Obama administration to enhance the cybersecurity efforts of the federal government want President Trump to implement their recommendations. Thomas Donilon, Obama’s national security adviser from 2010 to 2013 and Chair of the commission, along with two other commissioners expressed this on Monday, requesting for better collaboration between public and private sectors; and that the White House should be in the frontline of federal cybersecurity.
President Obama launched the Commission on Enhancing National Cybersecurity by an executive order in February 2016. In December 2016, weeks before Trump took office, the commission submitted a report outlining sixteen recommendations to streamline and reinforce cybersecurity endeavors of the federal government. The commission recommended that the president should appoint an assistant to the president for cybersecurity, who would report through the National Security Adviser and coordinate efforts on digital security across agencies. “I do think there needs to be the locus in the White House … that can convene the various elements of the United States government that make policy on an interagency basis. No one agency is going to make policy on something as complicated as cyber,” Donilon said. He encourages the new administration to develop an “all-of-government deterrence” against cyberattacks by coordinating work across agencies and departments.
Former president and CEO of IBM and vice chair of the commission, Sam Palmisano, said on Monday at the Center for Strategic and International Studies (CSIS) where he met with other members of the commission., that he attended meetings at the White House to give his input on cybersecurity policy and offered advice on how to transform government’s technology and management to help it function more like a private sector entity.
There were signals that President Trump would be quick about cybersecurity reform when he planned to sign an executive order on cybersecurity in January, but the White House canceled the order abruptly. CNN reports that the draft executive order calls for a complete review of the most critical hacking vulnerabilities in the nation’s military, intelligence and civilian government computer systems. It also seeks some coordination between the U.S. military, law enforcement and academia. Palmisano hinted on Monday that a new executive order could be announced as soon as the end of this week.
The commission appears divided over the possibility of the Trump administration holding agency heads accountable for the cybersecurity activities of their own organizations, as he mentioned in a news conference held in January before the cancellation of the initial executive order.
“This insistence by the president that the agency, department heads are responsible for cybersecurity in their agencies and that they be held accountable is a very important piece of this. That is a contract, if you will, between the president and the people he hires to run the agencies and departments,” Donilon said. Steven Chabinsky, a member of the commission and partner at law firm White & Case, expresses a different view. “I agree that they need responsibility, but that responsibility in my mind is a leadership role that will bring to the floor what the real issues are,” he says, noting that federal agencies alone might not have the resources to secure their systems and procure new technologies. “We’re asking them to assess the environment and bring that up to this place within the White House like you’re talking about and say, here are the real challenges that we’re facing,” Chabinsky said.