Thursday, April 15, 2021

One National Cyber Director To Rule Them All

Information and communication technology (ICT) has made communication and coordination easier than ever before. However, the integration of ICT within virtually every aspect of modern military strategy has also enhanced the visibility of existing interservice rivalries between government agencies. On the issue of cybersecurity strategy, this has led to an incohesive plurality of branch-specific policies as agencies compete to demonstrate a vision on cyberwarfare in the absence of national strategic guidance.

Enter Chris Inglis, former Deputy Director of the National Security Agency (NSA) and, as of April 2021, the Biden administration's nominee to become the first National Cyber Director in US history. What makes Inglis the right guy for the job? It's not too difficult to understand why considering the current institutional structure that governs cybersecurity and the opportunities for friction along institutional seams.

The Office of the National Cyber Director was established at the end of the Trump administration through Section 1752 of the 2021 National Defense Authorization Act. In general, the National Cyber Director's duties are to advise the President and government agencies on cybersecurity policy, lead the joint coordination of national cyber strategy across agencies, and engage with private sector actors on cybersecurity threats. In case that did not sound complicated enough, the position also has no direct authority over any other agency and may only share resources such as personnel or facilities with their consent. 

Consider then also the often ill-defined division of responsibilities and existing opportunities for friction within departments of the NSA like US Cyber Command and the Cybersecurity & Infrastructure Security Agency (CISA). The relationships that Inglis will bring with him to the position of National Cyber Director are essential to the position, which will require a diplomatic touch to be effective -- and that's without even considering the private sector.

No comments: