Perimeter

4/17/2018
06:50 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Trump Administration Cyber Czar Rob Joyce to Return to the NSA

First year of Trump White House's cybersecurity policy mostly followed in the footsteps of the Obama administration.

RSA CONFERENCE 2018 – San Francisco – White House cybersecurity coordinator for the National Security Council and former National Security Agency official Rob Joyce plans to step down from his post and rejoin the intelligence agency.

Joyce, who was widely respected among cybersecurity industry experts, left on the heels of his supervisor, Tom Bossert, homeland security advisor, this month after President Trump named John Bolton as his new National Security Advisor replacing H.R. McMaster. While Bossert's departure is believed to be tied to Bolton's arrival, Trump administration officials have said Joyce is leaving on his own accord, and will remain in his position until Bolton selects a replacement.

Kirstjen Nielsen, who delivered a keynote address here today, told reporters that Joyce likely will remain on the job at the White House for another 30 days.

Joyce, the former chief of the NSA's elite hacking team's office of Tailored Access Operations (TAO), led the administration's cyber security policy for the past year for the White House. Overall, Trump's cybersecurity policy didn't veer much away from that of his predecessor: his May 2017 Executive Order for the most part echoes and builds on policies of previous administrations, including FISMA and the Obama administration's critical infrastructure EO. 

The White House initially extended Obama's December 2016 "national emergency" EO that ultimately led to sanctions against Russia for hacking and other attempts to tamper with the outcome of the US election. In March of this year - one year later - the administration levied financial sanctions of its own against five organizations and 15 individuals in Russia, and also issued an alert on that nation's targeting of US critical infrastructure and energy networks.

Five Russians named by the administration in its sanctions move had previously been sanctioned under the Obama administration.

Joan O'Hara, acting National Security advisor to the Office of the Vice President, here today made it clear the administration considers cyberthreats a priority. "The administration is very clear-eyed about the threats we face from nation-states," O'Hara said today prior to a federal cyberattack threat simulation exercise at the RSA Conference. "Cyberattacks are among the most serious attacks we face in terms of national security … The administration takes this very seriously and is doing a lot to face this challenge."

Among the Trump administration's efforts, she said, are calling out malicious nation-state actors, and placing sanctions on those adversaries, in an apparent nod to recent sanctions on Russian and Iranian officials for their attacks on US organizations and agencies. "President Trump has elevated the US CyberCommand," she noted, and is working to improve the security of federal agency networks as well as helping the private sector "leverage the best of American skill and ingenuity," she said.

Suzanne Spaulding, former DHS undersecretary for the National Protection and Programs Directorate (NPPD) in the Obama administration, said in an interview here that there's been "a lot of continuity" with the current administration's cybersecurity policy and activity with that of Obama's.

Spaulding, who is now a senior advisor for the Center for Strategic and International Studies, said she's not concerned about the current administration turning up the heat on nation-state adversaries: "I don't worry they aren't going to be proactive" or aggressive in their cyber response, she said. "But I do worry whether they have the 'troops' in place. So they may have the intentions and instincts … but you really do need to have people confirmed in positions to implement it."

"I feel good about the team at DHS, and the Secretary Nielsen has a cyber background. My sense is they are moving out in really smart ways," she said.

Michael Daniel, who served as Obama's cybersecurity coordinator, pointed to a tradition of relative continuity down the line of presidents, from Bill Clinton to George W. Bush, Obama, and then Trump. "Most policy changes tend to be evolutionary versus revolutionary," Daniel said of US cybersecurity policy. Even so, he said, "Rob's departure is going to slow down policy work," in the interim.

Bossert's and Joyce's departures come at a sensitive time geopolitically, given tensions between the US and Russia, North Korea, and Iran. "My question is where is the overall cybersecurity policy?" says Chris Pierson, CEO of Binary Sun Cyber Risk Advisors.

Related Content:

Interop ITX 2018

Join Dark Reading LIVE for a two-day Cybersecurity Crash Course at Interop ITX. Learn from the industry’s most knowledgeable IT security experts. Check out the agenda here. Register with Promo Code DR200 and save $200.

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Google Engineering Lead on Lessons Learned From Chrome's HTTPS Push
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
White Hat to Black Hat: What Motivates the Switch to Cybercrime
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
PGA of America Struck By Ransomware
Dark Reading Staff 8/9/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Now about that mortgage refinance offer from Wells Fargo .....
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-6970
PUBLISHED: 2018-08-13
VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a privil...
CVE-2018-14781
PUBLISHED: 2018-08-13
Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G The models identified above, when paired with a remote controller and having the "easy bolus" and "remote bolu...
CVE-2018-15123
PUBLISHED: 2018-08-13
Insecure configuration storage in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -118 allows remote attacker perform new attack vectors and take under control device and smart home.
CVE-2018-15124
PUBLISHED: 2018-08-13
Weak hashing algorithm in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -118 allows unauthenticated attacker extract clear text passwords and get root access on the device.
CVE-2018-15125
PUBLISHED: 2018-08-13
Sensitive Information Disclosure in Zipato Zipabox Smart Home Controller allows remote attacker get sensitive information that expands attack surface.