Trump's Top Cybersecurity Advisors Resign

Uploaded on 2017-09-07 in FREE TO VIEW, GOVERNMENT-National, NEWS-Cybersecurity News

Several members of the National Infrastructure Advisory Council (NIAC), a Homeland Security advisory body, resigned recently.

An unsigned resignation letter obtained by Nextgov gives several reasons for the resignation, including the Trump administration's lack of attentiveness to critical infrastructure and President Trump's recent comments in the wake of unrest in Charlottesville.

Image: Gage Skidmore

The NIAC's role is to advise the president, through the Department of Homeland Security (DHS), on "the security of the critical infrastructure sectors and their information systems."

A majority of security analysts say the US is likely to suffer a cyber-attack targeting infrastructure in the next two years, making the NIAC's role a critical one. Eight members of the 28-member council resigned, which should be enough to make any security professional concerned for the security of US infrastructure.

Why the NIAC Members Resigned

The resignation letter lists several reasons why the writers stepped down from the NIAC, some moral and some infrastructure-related.

On the moral side of things, the letter says the Trump administration has undermined the "moral infrastructure of the US" through Trump's remarks on Charlottesville, echoing the motivation behind a large group of business leaders leaving other Trump administration positions.

Infrastructure concerns were the primary issues stated, namely that the Trump administration "has not demonstrated that it is adequately attentive to the pressing national security matters within the NIAC's purview, or responsive to sound advice received from experts and advisors on these matters."

The letter further cites leaving the Paris Climate Accord, the revocation of flood-risk building standards, and ignoring the effects of climate change as risks to both physical and informational infrastructure.

A look into the State of Cyber-Security readiness

The resignations, which came one day before the release of an NIAC report on cybersecurity readiness, and the letter that accompanied them tilted toward moral indignation, but that indignation is simply part of the core problem the resignees reported: The administration isn't listening to the NIAC or other cyber-security professionals.

The timing of the resignations and the release of the NIAC report may well be coincidental, but that doesn't change the report's pessimistic tone, the report even says that interviews with government and industry security professionals was "an echo chamber, loudly reverberating what needs to be done to secure critical US infrastructure against aggressive and targeted cyber-attacks."

If properly harnessed, the report goes on, the cyber-security resources in the United States could be effective in preventing a large-scale attack, but harnessing them has been the problem thus far.

If those who resigned are correct in their assessment that the administration is largely ignoring, and even undermining, national cybersecurity efforts, we're in for a "watershed, 9/11-level cyber-attack," and the window we have to prevent it is closing.

With such an imminent threat on the horizon it's disheartening, even downright alarming, to see those who have the know-how to prevent it walking away in frustration. Moral indignation or not, these resignations should make us all nervous.

Top 3 Conclusions:

  1. Several members of the National Infrastructure Advisory Council resigned recently, citing dissatisfaction with the Trump administration's lack of attentiveness to national cyber-security threats.
  2. The resignations came a day before the release of an NIAC report on the state of US government cyber-security. The report says that all the necessary pieces are present, but that the government is falling short of using existing tools effectively.
  3. The resignations, followed by the report, should make anyone with an interest in cyber-security nervous: Even federal government-level experts are walking away in frustration at administration inaction.

TechRepublic:

You Might Also Read: 

Loss Of Cyber Expertise Is A Problem For Trump:

Trump Signs Cybersecurity Order:

 

« AI Attacks Are Just Around The Corner
Businesses Need Cyber Insurance – Now! »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Information Security Research Association (ISRA)

Information Security Research Association (ISRA)

ISRA is a non-profit organization focused on various aspects of Information Security including security research and cyber security awareness activities.

CLUSIF

CLUSIF

Clusif is the reference association for digital security in France. Its mission is to promote the exchange of ideas and feedback through working groups, conferences and publications.

Deltagon

Deltagon

Deltagon develops information security solutions to protect companies’ confidential information in e-communication and e-services.

Center for Cyber Safety and Education

Center for Cyber Safety and Education

The Center for Cyber Safety and Education works to ensure that people across the globe have a positive and safe experience online through our educational programs, scholarships, and research.

SANS CyberStart

SANS CyberStart

SANS CyberStart is a unique and innovative suite of tools and games designed to introduce children and young adults to the field of cyber security.

Cloud Box Technologies

Cloud Box Technologies

Cloud Box Technologies is one of the premier IT Infrastructure Solution providers in the Middle East.

BridgingMinds Network

BridgingMinds Network

BridgingMinds Network is an industry leading best practices and IT security training provider in Singapore.

Everything Blockchain

Everything Blockchain

Everything Blockchain offer solutions that transform enterprise data-management capabilities. Increased efficiency, super-charged performance and all with government grade security.

LANCOM Systems

LANCOM Systems

LANCOM Systems is the leading European manufacturer of secure, reliable and future-proof networking (WAN, LAN, WLAN) and firewall solutions for the public and private sectors.

Mirai Security

Mirai Security

Mirai Security are a cyber security company that specializes in Governance, Risk Management and Compliance, Cloud Security and Application Security.

IBM Security

IBM Security

IBM manufactures and markets computer hardware, middleware and software, and offers hosting and consulting services in areas ranging from mainframe computers to nanotechnology.

RELIANOID

RELIANOID

RELIANOID is an application delivery controller and load balancing system that ensures high performance and security of IT services on a massive scale.

Innerworks

Innerworks

Innerworks intelligent bot detection. Innerworks is building the future of behavioural data on web3.

Cure53

Cure53

Cure53 offers classic black-box penetration tests (zero-knowledge) as well as white-box tests and code audits.

BUI

BUI

BUI is a global technology consultancy and Cloud Solution Provider specialising in cloud, security, and networking solutions for mid-market and enterprise-level business across the world.

New York State Technology Enterprise Corporation (NYSTEC)

New York State Technology Enterprise Corporation (NYSTEC)

NYSTEC is a nonprofit technology consulting company, advising organizations, agencies, institutions, and businesses since 1996.