Chris Inglis Nominated for Cyber Director; Jen Easterly Tapped to Lead CISA
President Joe Biden has nominated two U.S. National Security Agency veterans for top cybersecurity positions as the White House continues to confront the fallout from the SolarWinds supply chain attack as well as attacks against on-premises Microsoft Exchange email servers.
See Also: Top 50 Security Threats
The White House announced Monday plans to nominate John “Chris” Inglis to become national cyber director, a position created earlier this year by Congress as part of the 2021 National Defense Authorization Act.
The administration also plans to nominate Jen Easterly to take over as director of the U.S. Cybersecurity and Infrastructure Security Agency, which is part of the Department of Homeland Security. CISA has been without a Senate-confirmed leader since former President Donald Trump fired Christopher Krebs in November 2020 (see: Trump Fires Christopher Krebs, Head of CISA).
If approved by the Senate, Inglis and Easterly are expected to work closely with Anne Neuberger, the deputy national security adviser for cyber and emerging technology who is already overseeing the federal investigations into the SolarWinds and Exchange attacks (see: White House Preparing ‘Executive Action’ After SolarWinds Attack).
“I am looking forward to working with Chris and Jen to continue building back better to modernize our cyber defenses and enhance the nation’s ability to prevent and respond effectively to cybersecurity incidents,” Neuberger says. “We will work closely with cybersecurity leaders across the United States government, the private sector, Congress and dedicated frontline cyber responders to keep our networks safe and secure.”
The nominations drew immediate praise from Krebs, who had helped push CISA to address a number of security issues ahead of the 2020 elections before he was fired by Trump. Krebs now runs a security firm, the Krebs Stamos Group, with former Facebook CISO Alex Stamos.
“My goodness. This is a team,” Krebs wrote on Twitter.
The nominations of Inglis and Easterly come at a time when members of both parties have been raising concerns that the Biden White House had left two critical cybersecurity posts open at a time when both the SolarWinds and Exchange attacks are under investigation.
Earlier this month, two senators asked the Biden administration and CISA for more details about those attacks, including why CISA’s intrusion detection system, known as Einstein, failed to detect them (see: Why Didn’t Government Detect SolarWinds Attack?).
Meanwhile, Department of Homeland Security Secretary Alejandro Mayorkas is working to address domestic cybersecurity issues, including the surge in ransomware attacks.
President Biden is asking Congress to boost the CISA budget for fiscal year 2022 by $110 million to $2.1 billion to help enable the agency to address a range of cybersecurity issues.
This would build on the $650 million provided to CISA under the American Rescue Plan Act – the COVID-19 stimulus package signed into law in March – to fund efforts to better protect federal and civilian agency networks during the pandemic (see: Biden Seeks to Boost CISA’s Budget by $110 Million).