Trump's Top Cybersecurity Advisors Resign

Several members of the National Infrastructure Advisory Council (NIAC), a Homeland Security advisory body, resigned recently.

An unsigned resignation letter obtained by Nextgov gives several reasons for the resignation, including the Trump administration's lack of attentiveness to critical infrastructure and President Trump's recent comments in the wake of unrest in Charlottesville.

Image: Gage Skidmore

The NIAC's role is to advise the president, through the Department of Homeland Security (DHS), on "the security of the critical infrastructure sectors and their information systems."

A majority of security analysts say the US is likely to suffer a cyber-attack targeting infrastructure in the next two years, making the NIAC's role a critical one. Eight members of the 28-member council resigned, which should be enough to make any security professional concerned for the security of US infrastructure.

Why the NIAC Members Resigned

The resignation letter lists several reasons why the writers stepped down from the NIAC, some moral and some infrastructure-related.

On the moral side of things, the letter says the Trump administration has undermined the "moral infrastructure of the US" through Trump's remarks on Charlottesville, echoing the motivation behind a large group of business leaders leaving other Trump administration positions.

Infrastructure concerns were the primary issues stated, namely that the Trump administration "has not demonstrated that it is adequately attentive to the pressing national security matters within the NIAC's purview, or responsive to sound advice received from experts and advisors on these matters."

The letter further cites leaving the Paris Climate Accord, the revocation of flood-risk building standards, and ignoring the effects of climate change as risks to both physical and informational infrastructure.

A look into the State of Cyber-Security readiness

The resignations, which came one day before the release of an NIAC report on cybersecurity readiness, and the letter that accompanied them tilted toward moral indignation, but that indignation is simply part of the core problem the resignees reported: The administration isn't listening to the NIAC or other cyber-security professionals.

The timing of the resignations and the release of the NIAC report may well be coincidental, but that doesn't change the report's pessimistic tone, the report even says that interviews with government and industry security professionals was "an echo chamber, loudly reverberating what needs to be done to secure critical US infrastructure against aggressive and targeted cyber-attacks."

If properly harnessed, the report goes on, the cyber-security resources in the United States could be effective in preventing a large-scale attack, but harnessing them has been the problem thus far.

If those who resigned are correct in their assessment that the administration is largely ignoring, and even undermining, national cybersecurity efforts, we're in for a "watershed, 9/11-level cyber-attack," and the window we have to prevent it is closing.

With such an imminent threat on the horizon it's disheartening, even downright alarming, to see those who have the know-how to prevent it walking away in frustration. Moral indignation or not, these resignations should make us all nervous.

Top 3 Conclusions:

  1. Several members of the National Infrastructure Advisory Council resigned recently, citing dissatisfaction with the Trump administration's lack of attentiveness to national cyber-security threats.
  2. The resignations came a day before the release of an NIAC report on the state of US government cyber-security. The report says that all the necessary pieces are present, but that the government is falling short of using existing tools effectively.
  3. The resignations, followed by the report, should make anyone with an interest in cyber-security nervous: Even federal government-level experts are walking away in frustration at administration inaction.

TechRepublic:

You Might Also Read: 

Loss Of Cyber Expertise Is A Problem For Trump:

Trump Signs Cybersecurity Order:

 

« AI Attacks Are Just Around The Corner
Businesses Need Cyber Insurance – Now! »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Lutech

Lutech

Lutech is an Italian ICT engineering and services company. Business solution areas include cyber security.

Nuvias Group

Nuvias Group

Nuvias Group is a specialist value-addedd IT distribution company offering a service-led and solution-rich proposition ready for the new world of technology supply.

ObjectSecurity

ObjectSecurity

ObjectSecurity is a leader in authorization policy automation. With OpenPMF, you can manage application security policies for access control and auditing.

Secure Innovations

Secure Innovations

Secure Innovations is a cybersecurity firm dedicated to providing top-tier cyber security solutions for the Defense and the Intelligence Community.

Cyxtera Technologies

Cyxtera Technologies

Cyxtera offers powerful, secure IT infrastructure capabilities paired with agile, dynamic software-defined security.

Vuntie

Vuntie

Vuntie blend European craftsmanship, performance and open-source technology to deliver cybersecurity services including penetration testing, incident response, training and consultancy.

Asia Center of Excellence for Smart Technologies (ACES)

Asia Center of Excellence for Smart Technologies (ACES)

ACES is a one-stop competency center and incubator for the development of Industry 4.0 and associated technologies including cybersecurity, robotics, IoT and Big Data.

Evolution Equity Partners

Evolution Equity Partners

Evolution Equity Partners is an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies.

Clear Skye

Clear Skye

Clear Skye, an Identity Access and Management (IAM) software company, reimagines enterprise identity access and risk management software to make a complicated problem easier to manage.

BastionZero

BastionZero

BastionZero is leveraging cryptography to reimagine the tools used to manage remote access to servers, containers, clusters, applications and databases across cloud and on-prem environments.

Sotero

Sotero

Sotero is the first cloud-native, zero trust data security platform that consolidates your entire security stack into one easy-to-manage environment.

Northrop Grumman

Northrop Grumman

Northrop Grumman is a global provider and integrator of complex, advanced and rapidly adapting information technology, cybersecurity, mobility and optimized services and solutions.

NexGen Cyber

NexGen Cyber

NexGen Cyber helps customers in commercial SMB markets with IT security, security integration, service management, outsourced service transition, and transformative security solutions.

Iolo

Iolo

Iolo develops patented technology and award-winning software that repairs, optimizes, and protects computers, to maximize system speed and performance while keeping them safe.

View

View

View is the leader in smart building technologies including OT cybersecurity to securely connect buildings to the cloud and manage building networks and OT devices.

Aspiron Search

Aspiron Search

Aspiron Search is a niche-focused Cybersecurity search firm that works exclusively with venture-backed Cybersecurity firms.