Chris Kennedy, former leader of cybersecurity operations programs for the U.S. Department of the Treasury and the U.S. Marine Corp, has called for the reinstatement of the cybersecurity coordinator role on the National Security Council.
The position was scrapped last year by the then U.S. national security advisor John Bolton, who tendered his resignation yesterday. Bolton is the third national security advisor to exit the White House since President Donald Trump took office in January 2017. Trump claimed yesterday on Twitter to have asked Bolton to step down.
"The removal of the position in May 2018 mystified myself and others within the cybersecurity industry," said Kennedy, who is now CISO and vice president of customer success at AttackIQ. "The elimination of the role did not make sense considering the importance of cybersecurity in the protection of our nation."
Kennedy, who is a former Marine Corps officer and Operation Iraqi Freedom veteran, believes the importance of cybersecurity to American national security hasn't been fully realized, leaving the United States vulnerable to attack.
He said: "I still do not think we as a nation understand our dependence on technology, the risks we assume every day, and the capabilities of nation-state backed threat actors. Risks of being attacked grow every day as enterprises continue to adopt more technology to augment their business.
"The world runs on technology today, and that presents one of the most significant risks to the nation—logistics that feed and supply our nation, critical infrastructure that enables our way of life, and technology platforms across all industries that enable businesses to conduct their mission are all cybersecurity implications. To not have a focal point focusing on that risk is exceptionally worrisome since a major cyber-attack would have catastrophic implications."
The need for a cybersecurity coordinator operating at a national level was echoed by Joseph Carson, chief security scientist at Thycotic, who said: "The elimination of the cybersecurity coordinator position removed accountability and responsibility. This was a step in the wrong direction.
"Without a cybersecurity coordinator, it has been as if there is no one is driving the White House on protecting citizens from cyberattacks.”
Dan Tuchler, CMO at SecurityFirst, believes Bolton's decision to scrap the cybersecurity coordinator role made the U.S. more vulnerable to cyber-attacks.
He said: "John Bolton greatly damaged our ability to focus on these threats by removing the position of cybersecurity coordinator. It’s hard to imagine his replacement being worse, but it’s also unlikely in this political climate that the replacement will restore the cybersecurity position."
With the proviso that he "didn't want to be alarmist," Tuchler added, "Let’s hope the situation is corrected before something terrible happens."