Top cyber slots still unfilled amid multiple crises

Chris Krebs, the former CISA director, has been vocal in recent months about the need for his old job to be filled in short order while the administration confronts multiple cybersecurity problems within the federal government.

Shutterstock image ID: 569172169 By Zenzen

Christopher Krebs, the former director of the Cybersecurity and Infrastructure Security Agency, is continuing to call on the Biden administration to nominate someone to fill his old post, citing the job's importance in shaping the federal government's future networks.

There is a "need for somebody to be setting a vision for what the federal civilian executive branch, the dot-gov, what does it look like in three to four to five years?" Krebs said on Wednesday during a virtual forum hosted by the Center for Strategic and International Studies. "How do we set budgets across the various agencies so they're putting their part into the pot?"

He cited issues with agencies "paying up for some of the security services that CISA has been offering through" the Continuous Diagnostic and Mitigation program.

A group of lawmakers have also grown frustrated with the lack of a CISA nominee as well as a national cyber director. Although, Krebs last week said on Twitter the establishment of a national cyber director is one of the few recommendations that he disagreed with from the congressional Cyberspace Solarium Commission.

Media reports in February indicated President Joe Biden intends to nominate Department of Homeland Security veteran and Washington lawyer Rob Silvers as CISA's next director.

With neither a permanent CISA director or national cyber director in place, Anne Neuberger, the deputy national security advisor for cyber and emerging technology, has led the government's response to the cybersecurity issues it is facing.

Neuberger has largely earned praise from lawmakers and analysts for her work, but Michael Daniel, formerly a cybersecurity official on the National Security Council and now president and CEO of the Cyber Threat Alliance, said during the same panel the National Security Council cybersecurity lead is not a sufficient replacement for the anticipated national director.

There are two things, he said, that the NSC is not well-positioned to do: interacting with the private sector and interacting with Congress.

"That's why I think having a national cyber director that is an office within the broader executive office of the president -- so those set of agencies that directly support the White House -- is critically important because it can take on those functions," Daniel said.