Cybersecurity leader confronts an overflowing agenda at the national level
New White House National Cyber Director Set to Shape Cybersecurity Policy
The Cybersecurity Information Sharing Act (CISA) of 2015, a crucial piece of legislation that facilitates the sharing of cyber threat data between government and industry, is nearing its expiration on September 30. Congress is actively working on its reauthorization, with a focus on extending it through 2035 and making minor updates to adapt to evolving threats and technologies like artificial intelligence.
Sean Cairncross, recently confirmed as the White House’s National Cyber Director, is poised to play an influential role in shaping U.S. cybersecurity policy during this period. Cairncross, who has a background in politics and law, will lead coordination efforts across government and private industry to address cyber challenges.
One of Cairncross's top tasks will be effectively organizing and leading the government's public-private collaboration, a critical aspect of CISA's implementation. His leadership will be crucial during the reauthorization process, potentially influencing how the law adapts to new cyber threats, including AI-driven risks.
The Office of the National Cyber Director (ONCD), which remains relatively new within the federal government, needs to establish itself within the White House decision-making structure. The ONCD could focus on updating the government's cyber incident response plan, addressing continuity of the economy planning for a large-scale cyber attack, and coordinating and strengthening the various Sector Risk Management Agencies that oversee critical infrastructure sectors.
Recognizing that perfect harmonization is not possible due to different sectors having different needs, requirements, and risk profiles, the greater the harmonization, the better. This principle is particularly relevant for Cairncross as he navigates the complex landscape of cyber regulations.
Under the Biden administration, ONCD led a national cyber workforce strategy with a goal to boost recruitment and retention of government cyber talent. The Department of Homeland Security also made more than $100 million in cyber grant funding available on August 1.
Cairncross, as the national cyber director, will oversee strategic federal cybersecurity coordination, likely including helping to navigate the reauthorization process and enhancing collaboration among government agencies and industry sectors impacted by CISA. His lack of technical cybersecurity expertise is notable, but his role is primarily policy leadership and coordination at the White House level.
Cairncross's confirmation as the White House's new national cyber director comes amid deep concerns about China-linked hacks of U.S. critical infrastructure, including "Salt Typhoon" and "Volt Typhoon." His appointment could help reinject some excitement into the prospect of a federal cyber job.
Cairncross is the third Senate-confirmed national cyber director since the position was established in 2021. His leadership is expected to play a key role in championing the reauthorization of CISA and ensuring the continued protection of U.S. critical infrastructure from cyber threats.
[1] CISA reauthorization: What's at stake for K-12 schools
[2] Sean Cairncross confirmed as White House's new national cyber director
[3] Cybersecurity Information Sharing Act reauthorization: What's at stake for businesses
[4] AJ Grotto on the future of cybersecurity policy under the Biden administration
Cybersecurity Information Sharing Act (CISA) reauthorization discussions in Congress involve extending the law through 2035 and adapting it to evolving threats such as AI, which Sean Cairncross, the new White House National Cyber Director, may influence due to his crucial role in shaping U.S. cybersecurity policy. Cairncross, with a background in politics and law, will coordinate efforts between government and private industry to manage cyber challenges, playing a key role in CISA's implementation and reauthorization.
Given the imminent expiration of CISA on September 30, the Office of the National Cyber Director (ONCD) could focus on updating the government's cyber incident response plan, addressing continuity of the economy planning for a large-scale cyber attack, and coordinating and strengthening the various Sector Risk Management Agencies that oversee critical infrastructure sectors. This harmonization across sectors, although challenging due to diverse needs and risk profiles, is crucial for effective cyber regulations.
