Logo

American Security Council Foundation

Back to main site

Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

Tension grows between Congress and the administration over how White House cyber policy should be run

Friday, February 19, 2021

Categories: ASCF News Cyber Security

Comments: 0

Congress has been pressing for a greater role in overseeing how the administration conducts cyberpolicy, but the White House is wary of lawmakers exerting influence over a critical area of national security.

At issue is how the White House will respond to a new law requiring the creation of a national cyber director, intended to be the principal person advising the president on policy and strategy, and who, significantly, is subject to Senate confirmation and public hearings. It’s what the law’s co-author, Sen. Angus King (I-Maine), calls having “one throat to choke.”

But the White House does not appear eager to fill the job right away. It has launched a 60-day review — which some lawmakers regard as an unnecessary delay — to study how the job should be structured. A nominee is not imminent, according to people familiar with the matter, who spoke on the condition of anonymity to discuss internal deliberations.

Last month, before President Biden took office, his team announced a potential rival power center at the White House — a deputy national security adviser for cyber inside the National Security Council, who, like other NSC officials, does not undergo Senate confirmation and remains outside congressional oversight.

The Biden administration believes that cyberstrategy is best run out of the NSC but it now has to comply with the law passed in December and name the national cyber director, who sits outside the NSC. The White House could construct the new role narrowly, but the less power the director has, the less visibility Congress will have into the area, which was a major goal of the legislation.

“This is the most serious external threat to our country right now, as proven as recently as the SolarWinds hacks” of U.S. agencies and private companies, said King, co-chairman of the bipartisan Cyberspace Solarium Commission, whose recommendations prompted more than two dozen provisions that have become law, including the new director role. “Having a member of the administration appointed by the president, confirmed by the Senate, gives this person the scope and authority to oversee this very complex and critically important issue. . . . I just frankly don’t understand why it’s taken this long to name a nominee.”[Cyber Solarium Commission proposes actions to strengthen nation’s defenses against foreign threats]

The White House said in a statement that “it’s still early days, and we’re still getting a full understanding of what we’ve inherited from the previous administration’s failures on cyber, including SolarWinds and the erosion and sidelining of the NSC Cybersecurity Directorate.”

Standing up “a new federal entity is very complicated — and so we’re taking a look at how we can do this in a way that makes the most sense,” the statement said. The office of the national cyber director comes with a staff of up to 75, according to the law, but Congress has not yet given the White House the money to hire people.

In late November, as the bill was headed toward passage, Biden’s transition team sought to remove the requirement for Senate confirmation. They liked the idea of the position but were concerned about exposing the cyber director’s office to freedom of information requests and litigation, which would “make it more challenging” to interact closely with the NSC, said one person familiar with the matter.

But by then the bill, which was part of the annual defense authorization package, had been negotiated by both chambers. In December, after Congress overrode President Trump’s veto of the defense package over unrelated issues, it became law.

Congress created the position in part as a reaction to the Trump administration’s elimination of the cyber coordinator role in 2018, which angered lawmakers from both parties. They wanted to ensure the presence of a senior White House official to direct strategy and incident response for the government and with the private sector.

Legislators like King were adamant the job be Senate-confirmed. “If the NCD did not require Senate confirmation,” King said, “it would have neither the continuity nor the stature that I believe it needs to fulfill this critically important function.”

The job has its limits. It can coordinate the defense of civilian agencies and of the private sector. While it can have visibility into the military and intelligence agencies, unlike NSC officials, it can’t oversee coordination in those areas.

The Biden administration is fielding an experienced cyberpolicy team and “they want flexibility in how they structure” it, said a second person familiar with the matter. “They didn’t want Congress encroaching on what they see as essentially a White House prerogative. Look, running cyberpolicy from outside the National Security Council, creating a sort of ‘Shadow NSC’ for cyber, is not the most effective way to do it.”

Last month, Biden named Anne Neuberger as deputy national security adviser for cyber and emerging threats. A well-regarded former top official at the National Security Agency, Neuberger is a close confidante of national security adviser Jake Sullivan and NSA Director, Gen. Paul Nakasone.

Neuberger’s is arguably the most powerful White House cyber position ever. She has the authority to coordinate policy and operations across military, civilian and intelligence agencies, and that includes cyber-offense, a key part of the government’s capabilities. Significantly, she can call meetings of deputy secretaries on cyberpolicy and operational issues.

On Wednesday, in her first public remarks in her new job, Neuberger briefed the White House press corps on the SolarWinds investigation, saying its scope and scale made it more than an “isolated case of espionage.” She said she is briefing lawmakers and speaking with private sector partners.[SolarWinds compromised nine U.S. agencies and about 100 companies, top White House cyber officials says]

“The Biden administration has created the right position with the right reporting structure and filled it with the right person,” said Jamil Jaffer, executive director of the National Security Institute at George Mason University. “So at this point, what is the purpose and need for a national cyber director that creates a potentially competing role, with obligations to Congress and the president and who doesn’t have the necessary clout to do the job?”

Advocates point out, however, that the cyber director will have an advantage that neither Neuberger nor any past White House cyber czar or coordinator has had: the ability to review agencies’ budgets and make recommendations to the president — a potentially significant lever to induce change.

“It ultimately could be a very strong entity if the president wants it to be,” said Rep. Jim Langevin (D-R.I.), a Solarium Commission member who co-wrote the bill.

Michael Daniel, who served as White House cyber coordinator under President Barack Obama, said that ultimately, excluding the intelligence community and defense agencies from the cyber director’s coordination role “is just not plausible” given the law’s requirement that the individual oversee major incident response across the government.

Some see a way forward with a division of labor. The cyber director would implement a national cybersecurity strategy, and coordinate the government’s nonmilitary response, including in cooperation with the private sector, after a major incident. Neuberger would be responsible for developing options to respond to an attack by a foreign adversary, such as cyber-retaliation or sanctions, perhaps in concert with allies.

“These two functions can be complementary and should be,” King said. “I’m not going to fault the administration for moving to shore up our cyberdefenses. I just think they need to take the next step.”

Photo: © Kristoffer Tripplaar for The Washington Post Sen. Angus King (I-Maine), seen in 2018, wants to see the Biden administration name a national cyber director soon.

Link: Tension grows between Congress and the administration over how White House cyber policy should be run (msn.com)

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.