Trump's Top Cybersecurity Advisors Resign

Uploaded on 2017-09-07 in FREE TO VIEW, GOVERNMENT-National, NEWS-Cybersecurity News

Several members of the National Infrastructure Advisory Council (NIAC), a Homeland Security advisory body, resigned recently.

An unsigned resignation letter obtained by Nextgov gives several reasons for the resignation, including the Trump administration's lack of attentiveness to critical infrastructure and President Trump's recent comments in the wake of unrest in Charlottesville.

Image: Gage Skidmore

The NIAC's role is to advise the president, through the Department of Homeland Security (DHS), on "the security of the critical infrastructure sectors and their information systems."

A majority of security analysts say the US is likely to suffer a cyber-attack targeting infrastructure in the next two years, making the NIAC's role a critical one. Eight members of the 28-member council resigned, which should be enough to make any security professional concerned for the security of US infrastructure.

Why the NIAC Members Resigned

The resignation letter lists several reasons why the writers stepped down from the NIAC, some moral and some infrastructure-related.

On the moral side of things, the letter says the Trump administration has undermined the "moral infrastructure of the US" through Trump's remarks on Charlottesville, echoing the motivation behind a large group of business leaders leaving other Trump administration positions.

Infrastructure concerns were the primary issues stated, namely that the Trump administration "has not demonstrated that it is adequately attentive to the pressing national security matters within the NIAC's purview, or responsive to sound advice received from experts and advisors on these matters."

The letter further cites leaving the Paris Climate Accord, the revocation of flood-risk building standards, and ignoring the effects of climate change as risks to both physical and informational infrastructure.

A look into the State of Cyber-Security readiness

The resignations, which came one day before the release of an NIAC report on cybersecurity readiness, and the letter that accompanied them tilted toward moral indignation, but that indignation is simply part of the core problem the resignees reported: The administration isn't listening to the NIAC or other cyber-security professionals.

The timing of the resignations and the release of the NIAC report may well be coincidental, but that doesn't change the report's pessimistic tone, the report even says that interviews with government and industry security professionals was "an echo chamber, loudly reverberating what needs to be done to secure critical US infrastructure against aggressive and targeted cyber-attacks."

If properly harnessed, the report goes on, the cyber-security resources in the United States could be effective in preventing a large-scale attack, but harnessing them has been the problem thus far.

If those who resigned are correct in their assessment that the administration is largely ignoring, and even undermining, national cybersecurity efforts, we're in for a "watershed, 9/11-level cyber-attack," and the window we have to prevent it is closing.

With such an imminent threat on the horizon it's disheartening, even downright alarming, to see those who have the know-how to prevent it walking away in frustration. Moral indignation or not, these resignations should make us all nervous.

Top 3 Conclusions:

  1. Several members of the National Infrastructure Advisory Council resigned recently, citing dissatisfaction with the Trump administration's lack of attentiveness to national cyber-security threats.
  2. The resignations came a day before the release of an NIAC report on the state of US government cyber-security. The report says that all the necessary pieces are present, but that the government is falling short of using existing tools effectively.
  3. The resignations, followed by the report, should make anyone with an interest in cyber-security nervous: Even federal government-level experts are walking away in frustration at administration inaction.

TechRepublic:

You Might Also Read: 

Loss Of Cyber Expertise Is A Problem For Trump:

Trump Signs Cybersecurity Order:

 

« AI Attacks Are Just Around The Corner
Businesses Need Cyber Insurance – Now! »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

A10 Networks

A10 Networks

A10 Networks is a leader in application networking, helping organizations of all sizes to accelerate, optimize and secure their applications.

Detectify

Detectify

Detectify is a web security service that simulates automated hacker attacks on your website, detecting critical security issues before real hackers do.

MKD-CIRT

MKD-CIRT

MKD-CIRT is the national Computer Incident Response Team for Macedonia.

OnSystem Logic

OnSystem Logic

OnSystem Logic has developed a unique, patent-pending solution to solve the problem of the exploitation of flaws in application software as a technique for cyber attacks.

StormWall

StormWall

StormWall is an Anti-DDoS protection service for websites and networks. We offer 100% protection from all types of DDoS attacks and 24/7 technical support.

MedCrypt

MedCrypt

MedCrypt are a team of medical device experts focused on bringing modern cybersecurity features to the next generation of healthcare technology.

APERIO

APERIO

APERIO, the global leader in industrial data integrity, helps its customers drive profitability and sustainability while mitigating risk in their industrial operations.

Fischer Identity

Fischer Identity

Fischer Identity provide identity & access management and identity governance administration solutions.

Krypsis

Krypsis

Krypsys is an information security company with a focus on helping you defend your information and data against emerging security threats.

Alias Robotics

Alias Robotics

Alias Robotics is a robot cyber security company. We deliver cyber security solutions for robots and robot components.

Apptega

Apptega

Apptega is an award-Winning Cybersecurity and Compliance Platform. Our mission is to make cybersecurity and compliance easy for everyone.

Cybaverse

Cybaverse

Cybaverse (formerly North Star Cyber Security) was founded to create the perfect blend of a Managed Security Service Provider (MSSP) and a Cyber Security Consultancy in one.

FTx Identity

FTx Identity

FTx Identity is the world's most advanced age verification technology (AVT) and identity management system.

CYTUR

CYTUR

CYTUR provide trusted and secured maritime cybersecurity solutions to keep ships safe, protecting them, their crews, cargo and all stakeholders from maritime cyber threats.

Zafran

Zafran

Zafran is a Risk & Mitigation Platform that defuses threat exploitation by mobilizing existing security tools.

Infosec Ventures

Infosec Ventures

Infosec Ventures incubates and scales cyber security innovators that solve inefficiencies in cyber security.