The White House swore in Chris Inglis as the first national cyber director on Tuesday, the same day the Senate voted to confirm Jen Easterly as director of the Cybersecurity and Infrastructure Security Agency.
While Inglis and Easterly sat before Congress in a nomination hearing in June, Inglis was quickly confirmed while Easterly's nomination waited in limbo. Easterly's late confirmation was due to a Congressional recess following political strife.
- The swearing in and confirmation of the two national cybersecurity leads comes at a time when the government and critical infrastructure segments, including the energy sector, are face escalating cyber incidents. A House Energy and Commerce subcommittee on Tuesday will hold a hearing to examine the growing threat of ransomware.
After an onslaught of Russia-linked cyber incidents — Kaseya, JBS and SolarWinds, to name a few — President Joe Biden met with Russian President Vladimir Putin and warned of consequences of further attacks.
Now, with key national cybersecurity roles filled, the White House has the leadership in place to back up its cyber posture. The national cyber director role comes after years of recommendations from the Cyberspace Solarium Commission (CSC) and after CISA's highest post remained in acting capacity since Christopher Krebs was fired in November 2020.
In their roles, Easterly and Inglis will help coordinate cyberattack mitigation and confer on national cyber readiness with the private sector.
"Given that cybersecurity touches every aspect of our government and our lives — from our laptops to the internet of things — the U.S. desperately needs centralized leadership to coordinate the federal response to improve our defenses," Sen. Angus King, I-Maine, and co-chairman of the Cyberspace Solarium Commission, said in a statement.
"After serving with him for two-plus years on the Cyberspace Solarium Commission, I am confident that Chris Inglis is the right person to take on this vital role," King said.
In the role, Inglis will in the national cyber strategy across sectors, connecting government, private industry, law enforcement and the intelligence community under one cyber suite.
At CISA, Easterly will serve as the second director of the nascent agency established in 2018. CISA primarily works to secure the nation's infrastructure and Easterly will work to build the agency's reach within the private sector.
"Jen Easterly is a tremendous leader who has driven the nation’s cyber defense in government and the private sector, and I applaud her confirmation," Nikesh Arora, chairman and CEO at Palo Alto Networks, said in a statement. "She understands the critical importance of collaboration to stay ahead of cyberthreats."
The Biden administration is trying to improve cybersecurity from all fronts, calling on the private sector to stand up additional defenses against cyberattacks. A May executive order calls for broader information sharing, software security standards and deeper collaboration between the sectors to limit threats to U.S. cybersecurity.
A joint white paper prepared by staff of the Federal Energy Regulatory Commission and the North American Electric Reliability Corporation's (NERC) Electricity Information and Analysis Sharing Center warned "continued vigilance" will be necessary to protect the bulk power system from hackers.
The SolarWinds attack exposed about a quarter of North American utilities, according to NERC.
The most recent high-profile attack on the U.S. energy system was the Colonial Pipeline hack, which in May briefly shut down the largest gasoline pipeline on the east coast.
Robert Walton contributed to this reporting.