Senate Dem blasts Trump on cyber readiness

The top Democrat on the Senate Energy and Natural Resources Committee took aim at the Trump administration for what she called "inexcusable negligence" of the nation's cybersecurity needs.

In a statement released Aug. 28, Sen. Maria Cantwell (D-Wash.) said the administration ignored warnings from her and others in the lead-up to the sudden resignations last week of eight members of the National Infrastructure Advisory Council.

"For months I have repeatedly raised concerns about President Trump's lack of action with respect to preventing catastrophic cyberattacks against our country, and I have received zero response from the president," Cantwell said.

She referenced two letters she sent to the White House in March and June asking officials to direct the Energy Department to conduct an analysis of Russia's ability to conduct a cyberattack against the nation's energy infrastructure.

"We are deeply concerned that your administration has not backed up a verbal commitment prioritizing cybersecurity of energy networks and fighting cyber aggression with any meaningful action," Cantwell wrote in her June 22 letter.

In her Aug. 28 statement, she also pointed to the NIAC officials' letter of resignation, which alleges that the administration was not "attentive to the pressing national security matters within the NIAC's purview."

"Hopefully, this will be the wakeup call this administration needs to do their jobs and protect our country," Cantwell said.

Among those resigning from the board were former General Services Administration chief Dan Tangherlini, former U.S. Chief Data Scientist DJ Patil and Christy Goldfuss, who served as chairwoman of the Council on Environmental Quality under President Barack Obama.

Created by President George W. Bush in the wake of the 2001 terrorist attacks, NIAC advises the White House on security issues related to the nation's cyber and physical infrastructure. On Aug. 22, the council held a meeting during which officials warned that the nation was in a "pre-9/11 moment" with regard to protecting critical infrastructure from a cyberattack.

After that meeting, eight of the 28 members resigned, citing President Donald Trump's remarks following the violent protests in Charlottesville, Va., and "insufficient attention" to the nation's infrastructure security needs.

Gregory Touhill, who served as deputy assistant secretary for cybersecurity operations and programs at the Department of Homeland Security and then U.S. chief information security officer during the Obama administration, said the resignations give the Trump administration an opportunity to reshape the council's composition and mission.

He said he has learned that "you can effect more change from the inside than you can from the outside, so I'm hopeful that more folks will volunteer to contribute, serve and bring best practices from the private sector into the public sector," said Touhill, now president of Cyxtera's Federal Group.

The Trump administration has called for a unified cybersecurity strategy, and the president signed an executive order on May 11 directing the nation's top law enforcement and intelligence agencies to identify weaknesses in critical infrastructure cybersecurity.

It also requires DHS and the Commerce Department to produce a report on how to "promote appropriate market transparency of cybersecurity risk management practices by critical infrastructure entities, with a focus on publicly traded critical infrastructure entities."