DHS Nominee Would Be Agency’s First Homegrown Cyber Leader

President Donald Trump’s pick to lead the Homeland Security Department could mark a tectonic shift in the amount and type of focus government places on its cyber protections, former officials told Nextgov Thursday.

Trump appointed Kirstjen Nielsen, a former Homeland Security chief of staff and now deputy chief of staff at the White House, to succeed her old boss John Kelly on Wednesday. Nielsen has also worked extensively in the private sector on cybersecurity and critical infrastructure protection and served on President George W. Bush’s Homeland Security Council.

That means that, for the first time in its 14-year history, the government’s lead civilian cybersecurity agency will be helmed by someone who not only worked at the agency itself but has an extensive background in cybersecurity and homeland security issues.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

“It helps when you don’t have to learn on the job,” said Frank Cilluffo, director of George Washington University’s Center for Cyber and Homeland Security and a Bush administration cyber adviser.

“She can jump right into this issue and go toe to toe with the folks at NCCIC,” Cilluffo said, referring to Homeland Security’s main cyber operations division, the National Cybersecurity and Communications Integration Center. “It’s helpful, I think, to be able to speak the same language as not only the policy advisers but also those who are technically dealing with these issues.”

Nielsen worked with Cilluffo at George Washington University before joining the Trump administration.

Trump praised Nielsen’s background in cybersecurity and infrastructure protection in his statement announcing the nomination Wednesday. That was echoed Thursday by lawmakers, including Senate Homeland Security Chairman Ron Johnson, R-Wisc., and Senate Commerce Committee Chairman John Thune, R-S.D.

Nielsen’s background could be especially helpful in convincing other cabinet secretaries to devote more scarce resources to cyber protections or to plug into governmentwide cyber support programs offered by Homeland Security, said Robert Knake, a former cybersecurity director on President Barack Obama’s National Security Council.

That’s a core mission for Homeland Security, which is the lead agency responsible for protecting civilian government networks.  

“Having the deep understanding from a practitioner’s perspective will be valuable in making those one-on-one hard pitches to a reluctant agency,” Knake said.

Nielsen’s background can also be valuable in recruiting top cyber talent to the department, Knake said, both by using her own Rolodex and by demonstrating to the broader security community that the department wants its help.

As someone well versed in the nuances of cybersecurity, Nielsen may also have an advantage urging the private sector to cooperate with the government on cybersecurity matters, said Megan Stifel, a former director for international cyber policy on the National Security Council during the Obama administration and an attorney in the Justice Department’s national security division.

That will be especially helpful in the voluntary cyber assistance Homeland Security offers organizations in critical infrastructure sectors such as energy and transportation, she said. It may also be valuable in the department’s efforts to share cyber threat information with the private sector more broadly, she said.

“This is the first time we’ve had somebody who has actually worked in the field before, someone who’s of the 9/11 generation—not Vietnam or the Cold War—and that shapes her perception of national security,” Knake said. “I think that’s going to be a tremendous advantage.”