Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

4/17/2018
06:50 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Trump Administration Cyber Czar Rob Joyce to Return to the NSA

First year of Trump White House's cybersecurity policy mostly followed in the footsteps of the Obama administration.

RSA CONFERENCE 2018 – San Francisco – White House cybersecurity coordinator for the National Security Council and former National Security Agency official Rob Joyce plans to step down from his post and rejoin the intelligence agency.

Joyce, who was widely respected among cybersecurity industry experts, left on the heels of his supervisor, Tom Bossert, homeland security advisor, this month after President Trump named John Bolton as his new National Security Advisor replacing H.R. McMaster. While Bossert's departure is believed to be tied to Bolton's arrival, Trump administration officials have said Joyce is leaving on his own accord, and will remain in his position until Bolton selects a replacement.

Kirstjen Nielsen, who delivered a keynote address here today, told reporters that Joyce likely will remain on the job at the White House for another 30 days.

Joyce, the former chief of the NSA's elite hacking team's office of Tailored Access Operations (TAO), led the administration's cyber security policy for the past year for the White House. Overall, Trump's cybersecurity policy didn't veer much away from that of his predecessor: his May 2017 Executive Order for the most part echoes and builds on policies of previous administrations, including FISMA and the Obama administration's critical infrastructure EO. 

The White House initially extended Obama's December 2016 "national emergency" EO that ultimately led to sanctions against Russia for hacking and other attempts to tamper with the outcome of the US election. In March of this year - one year later - the administration levied financial sanctions of its own against five organizations and 15 individuals in Russia, and also issued an alert on that nation's targeting of US critical infrastructure and energy networks.

Five Russians named by the administration in its sanctions move had previously been sanctioned under the Obama administration.

Joan O'Hara, acting National Security advisor to the Office of the Vice President, here today made it clear the administration considers cyberthreats a priority. "The administration is very clear-eyed about the threats we face from nation-states," O'Hara said today prior to a federal cyberattack threat simulation exercise at the RSA Conference. "Cyberattacks are among the most serious attacks we face in terms of national security … The administration takes this very seriously and is doing a lot to face this challenge."

Among the Trump administration's efforts, she said, are calling out malicious nation-state actors, and placing sanctions on those adversaries, in an apparent nod to recent sanctions on Russian and Iranian officials for their attacks on US organizations and agencies. "President Trump has elevated the US CyberCommand," she noted, and is working to improve the security of federal agency networks as well as helping the private sector "leverage the best of American skill and ingenuity," she said.

Suzanne Spaulding, former DHS undersecretary for the National Protection and Programs Directorate (NPPD) in the Obama administration, said in an interview here that there's been "a lot of continuity" with the current administration's cybersecurity policy and activity with that of Obama's.

Spaulding, who is now a senior advisor for the Center for Strategic and International Studies, said she's not concerned about the current administration turning up the heat on nation-state adversaries: "I don't worry they aren't going to be proactive" or aggressive in their cyber response, she said. "But I do worry whether they have the 'troops' in place. So they may have the intentions and instincts … but you really do need to have people confirmed in positions to implement it."

"I feel good about the team at DHS, and the Secretary Nielsen has a cyber background. My sense is they are moving out in really smart ways," she said.

Michael Daniel, who served as Obama's cybersecurity coordinator, pointed to a tradition of relative continuity down the line of presidents, from Bill Clinton to George W. Bush, Obama, and then Trump. "Most policy changes tend to be evolutionary versus revolutionary," Daniel said of US cybersecurity policy. Even so, he said, "Rob's departure is going to slow down policy work," in the interim.

Bossert's and Joyce's departures come at a sensitive time geopolitically, given tensions between the US and Russia, North Korea, and Iran. "My question is where is the overall cybersecurity policy?" says Chris Pierson, CEO of Binary Sun Cyber Risk Advisors.

Related Content:

Interop ITX 2018

Join Dark Reading LIVE for a two-day Cybersecurity Crash Course at Interop ITX. Learn from the industry’s most knowledgeable IT security experts. Check out the agenda here. Register with Promo Code DR200 and save $200.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Stop Defending Everything
Kevin Kurzawa, Senior Information Security Auditor,  2/12/2020
Small Business Security: 5 Tips on How and Where to Start
Mike Puglia, Chief Strategy Officer at Kaseya,  2/13/2020
Architectural Analysis IDs 78 Specific Risks in Machine-Learning Systems
Jai Vijayan, Contributing Writer,  2/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9007
PUBLISHED: 2020-02-16
Codoforum 4.8.8 allows self-XSS via the title of a new topic.
CVE-2020-9012
PUBLISHED: 2020-02-16
A cross-site scripting (XSS) vulnerability in the Import People functionality in Gluu Identity Configuration 4.0 allows remote attackers to inject arbitrary web script or HTML via the filename parameter.
CVE-2019-20456
PUBLISHED: 2020-02-16
Goverlan Reach Console before 9.50, Goverlan Reach Server before 3.50, and Goverlan Client Agent before 9.20.50 have an Untrusted Search Path that leads to Command Injection and Local Privilege Escalation via DLL hijacking.
CVE-2020-8996
PUBLISHED: 2020-02-16
AnyShare Cloud 6.0.9 allows authenticated directory traversal to read files, as demonstrated by the interface/downloadwithpath/downloadfile/?filepath=/etc/passwd URI.
CVE-2020-8997
PUBLISHED: 2020-02-16
Abbott FreeStyle Libre 14-day before February 2020 and FreeStyle Libre 2 before February 2020 allow remote attackers to enable write access via a specific NFC unlock command.