LAS VEGAS — The first national cybersecurity strategy was released via a presidential directive 25 years ago, and the White House is at it again.
Acting National Cyber Director Kemba Walden isn’t just determined to make this one stick, she wants it to work and achieve a broader vision of goals that have been elusive thus far — stronger defenses, resiliency and a digital environment that aligns with democratic values.
“We have really been doing the same thing over and over again, and we’ve done some great things. We’re making great progress,” Walden said Thursday during her keynote at Black Hat USA 2023. “But what we’ve noticed is that we’ve allowed cybersecurity to devolve to those that are least capable.”
Cyberattacks have grown more complex, persistent and damaging since the Clinton administration first presented a strategy that described the coalescence of critical infrastructure and cybersecurity in May 1998.
Things will be different this time, according to Walden.
“We are very clear and affirmatively thinking through what we want our digital ecosystem to look like,” Walden said.
The Office of the National Cyber Director’s recently released implementation plan, a first of its kind from the White House, fuels Walden’s optimism.
The plan subjects ONCD, the Cybersecurity and Infrastructure Security Agency and 16 other federal agencies to accountability with deadlines. That’s another first, Walden said.
While the strategy and plan are now set, adjustments remain ongoing. “This is an evolving process,” Walden said. “We’ll do an implementation version two probably in the spring so that we can update, we can iterate, we can make sure that we are getting the right actions at the right time.”
The White House is also working with significantly more resources and talent this time around, more than two decades after the executive branch called for the federal government to swiftly eliminate vulnerabilities and protect critical infrastructure from cyberattacks.
“We have about 78 people on staff,” Walden said. “We are at full operating capacity, but we need more. We have the work of 100 or so people and we're hoping to hire that many people.”
ONCD now includes teams focused on workforce and education, supply chain security and a cross-functional team focused on electric vehicles, space and open source, according to Walden.
“It’s an embarrassment of riches, almost, in our White House,” she said.
Before the creation of ONCD there were about 10 to 12 people in the White House focused on cybersecurity, according to Walden.
“I’m optimistic that we can get there, but I’m realistic that it’s not going to be easy,” Walden said.
Walden is expected to leave her post as acting national cyber director after her expected nomination did not materialize, reportedly in connection to a personal debt issue, according to The Washington Post.
The White House last month nominated Harry Coker Jr., a Navy veteran and a senior-level leader on national security issues, to become the new national cyber director.
“Technology is agnostic of values, but it really carries with it the people who use it, the people who are in it, the people that develop it,” Walden said. “We put the value in the technology, so let's figure out what that is.”
Disclosure: Black Hat and Cybersecurity Dive are both owned by Informa. Black Hat has no influence over Cybersecurity Dive's coverage.