Trump's Top Cybersecurity Advisors Resign

Several members of the National Infrastructure Advisory Council (NIAC), a Homeland Security advisory body, resigned recently.

An unsigned resignation letter obtained by Nextgov gives several reasons for the resignation, including the Trump administration's lack of attentiveness to critical infrastructure and President Trump's recent comments in the wake of unrest in Charlottesville.

Image: Gage Skidmore

The NIAC's role is to advise the president, through the Department of Homeland Security (DHS), on "the security of the critical infrastructure sectors and their information systems."

A majority of security analysts say the US is likely to suffer a cyber-attack targeting infrastructure in the next two years, making the NIAC's role a critical one. Eight members of the 28-member council resigned, which should be enough to make any security professional concerned for the security of US infrastructure.

Why the NIAC Members Resigned

The resignation letter lists several reasons why the writers stepped down from the NIAC, some moral and some infrastructure-related.

On the moral side of things, the letter says the Trump administration has undermined the "moral infrastructure of the US" through Trump's remarks on Charlottesville, echoing the motivation behind a large group of business leaders leaving other Trump administration positions.

Infrastructure concerns were the primary issues stated, namely that the Trump administration "has not demonstrated that it is adequately attentive to the pressing national security matters within the NIAC's purview, or responsive to sound advice received from experts and advisors on these matters."

The letter further cites leaving the Paris Climate Accord, the revocation of flood-risk building standards, and ignoring the effects of climate change as risks to both physical and informational infrastructure.

A look into the State of Cyber-Security readiness

The resignations, which came one day before the release of an NIAC report on cybersecurity readiness, and the letter that accompanied them tilted toward moral indignation, but that indignation is simply part of the core problem the resignees reported: The administration isn't listening to the NIAC or other cyber-security professionals.

The timing of the resignations and the release of the NIAC report may well be coincidental, but that doesn't change the report's pessimistic tone, the report even says that interviews with government and industry security professionals was "an echo chamber, loudly reverberating what needs to be done to secure critical US infrastructure against aggressive and targeted cyber-attacks."

If properly harnessed, the report goes on, the cyber-security resources in the United States could be effective in preventing a large-scale attack, but harnessing them has been the problem thus far.

If those who resigned are correct in their assessment that the administration is largely ignoring, and even undermining, national cybersecurity efforts, we're in for a "watershed, 9/11-level cyber-attack," and the window we have to prevent it is closing.

With such an imminent threat on the horizon it's disheartening, even downright alarming, to see those who have the know-how to prevent it walking away in frustration. Moral indignation or not, these resignations should make us all nervous.

Top 3 Conclusions:

  1. Several members of the National Infrastructure Advisory Council resigned recently, citing dissatisfaction with the Trump administration's lack of attentiveness to national cyber-security threats.
  2. The resignations came a day before the release of an NIAC report on the state of US government cyber-security. The report says that all the necessary pieces are present, but that the government is falling short of using existing tools effectively.
  3. The resignations, followed by the report, should make anyone with an interest in cyber-security nervous: Even federal government-level experts are walking away in frustration at administration inaction.

TechRepublic:

You Might Also Read: 

Loss Of Cyber Expertise Is A Problem For Trump:

Trump Signs Cybersecurity Order:

 

« AI Attacks Are Just Around The Corner
Businesses Need Cyber Insurance – Now! »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Kirkland & Ellis

Kirkland & Ellis

Kirkland & Ellis LLP is an international law firm with offices in the USA, Europe and Asia. Practice areas include Data Security & Privacy.

Bloombase

Bloombase

Bloombase is the leading innovator in Next-Generation Data Security solutions for Global 2000-scale organizations

Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity provide solutions for Secure Networks, Secure Communications, Network Analysis, and Endpoint Security.

Mantix4

Mantix4

Mantix4’s M4 Cyber Threat Hunting Platform actively defends against cyber threats.

ReFoMa

ReFoMa

ReFoMa is a consultancy and advisory company with a focus on information Security.

Acreto

Acreto

Acreto is an end-to-end security infrastructure that protects all your technologies with a single, simple cloud service.

blueAllianceIT

blueAllianceIT

blueAlliance IT is an investment and growth platform that unites local MSP and IT companies around the nation, helping them to grow and operate competitively.

Kirk ISS

Kirk ISS

Kirk ISS are the leading provider of IT services in the Cayman Islands. We offer best-in class hardware, software, communications and cloud computing, all backed by professional services support.

Access Venture Partners

Access Venture Partners

Access Venture Partners are an early stage VC firm investing in bold founders and helping every step of the way. Areas we give special focus to include cybersecurity.

Fletch

Fletch

Fletch’s AI tracks the evolving cybersecurity threat landscape by reading and interpreting every threat article every day and matching those threats to a company’s exposure.

Redington

Redington

Redington offer products and services in solution areas including digital transformation, hybrid infrastructure and cybersecurity.

Synagex

Synagex

Synagex Modern IT is a simple IT and cybersecurity solution for businesses.

Breathe Technology

Breathe Technology

Breathe Technology has been providing Managed IT Support/ Service Desk, Cloud Services, Cyber Security & Communications to businesses and schools since 2003.

Windstream

Windstream

Windstream is a leading provider of advanced network communications and technology solutions for consumers, small businesses, enterprise organizations and carrier partners across the US.

Boo Consulting

Boo Consulting

Boo Consulting is a trusted privacy and risk consultancy firm. We are driven to help you find an appropriate solution that will suit your budget and requirements.

Ciena

Ciena

Ciena is a global leader in optical and routing systems, services, and automation software. We build the world’s most adaptive networks to address ever-increasing digital demands.