At a time when global cyber threats seem to be emerging everywhere, the U.S. White House appears to be ignoring the potential risk of a cyber attack carried on the White House’s computer networks. What is most alarming is a recent exodus of at least a dozen senior cyber security officials, all of them former members of the Office of the Chief Information Security Officer (OCISO). In July 2019, the White House carried out a reorganization, in which these members of the White House cyber security team were shifted into the Office of the Chief Information Officer (OCIO). In the aftermath of this shakeup, former OCISO officials have had their scope of duties removed, and many of their security privileges revoked. All of this is setting up a situation where members of the U.S. Congress are starting to wonder about the long-term security posture of the White House.
The politicization of cyber security
There’s a lot to unpack here, primarily due to the rampant partisan politics in Washington, D.C. On one hand, the Trump Administration has characterized the reorganization of the OCISO cyber security team as simply a way to improve the overall efficiency and productivity of the White House’s cyber activities and a better way to protect White House computers. Why have two different cyber security teams – the OCISO and the OCIO – carrying out nearly the same duties? There’s a lot of redundancy and inefficiency here, right?
On the other hand, opponents of the Trump Administration suggest that the forced exodus of cyber staffers to the private sector is part of a bigger conspiracy, in which the Trump team is attempting to cover up its cyber tracks, make it harder to find transcripts and records, and create an overall culture of fear in the White House. California Democrat Ted Lieu – a vocal opponent of President Trump – has even written directly to White House Chief of Staff Mick Mulvaney, with a series of questions about the state of White House cyber security. One subtext of all this questioning, of course, is that the Trump Administration is specifically taking steps to make the White House easier to hack by the Russians.
Complicating matters, of course, is the fact that the OCISO cyber security team is comprised primarily of holdovers from the Obama Administration. That might explain why members of this team are having their security access privileges reduced, and why they are systematically being pushed out of their jobs. The Trump White House – concerned about rampant leaks of memos and transcripts – perhaps views the OCISO team as a sort of “Deep State” element that is responsible, in one way or another, for some of the leaks in Washington, D.C. right now. Keep in mind – the OCISO team was put into place in 2014 by President Barack Obama, in response to a Russian intelligence probe of the White House’s computer networks.
The leaked memo of the White House cyber security team
Until recently, all of these political machinations took place behind the scenes, outside of public view. But the ongoing exodus of talent – in which the most prominent members of the White House cyber security team are leaving very publicly, in a way that is designed to embarrass the White House – has, of course, produced a leak of its own. The resignation letter of former White House cyber security official Dimitrios Vastakis has been leaked to the media, and it makes for some great political theater. The senior staffer says the current lack of security practices at the White House is “highly concerning.” He suggests that many of the changes in the White House cyber security team were being made in the name of convenience, not security. And he wraps up the memo by making a very grim prognostication: “I foresee the White House is posturing itself to be electronically compromised again.”
The implication here, of course, is that all of America’s adversaries – especially the Russians – are carefully watching all of this take place, and are already preparing a new wave of cyber attacks to probe the White House. As each new resignation memo gets leaked to the media, it will only embolden them to seek out weaknesses in the way that the White House protects sensitive communications about foreign, military or diplomatic strategy.
Trump, the White House and national cyber security policy
One thing is certain: the Trump White House has launched an entirely new cyber security strategy than the one that was in place under President Obama. Under Obama, for example, there was a single “cyber security czar” who acted as the national coordinator of all cyber security policies. This same person was responsible for wearing a wide range of different hats – from securing the cyber defenses of the nation’s infrastructure to carrying out cyber attacks against rogue nation-states.
Under President Trump and former NSA Advisor John Bolton, though, the goal was to phase out this centralized cyber security coordinator role and, instead, delegate all of those duties to National Security Council (NSC) senior directors. This would effectively “decentralize” the nation’s cyber security policy. It’s not necessarily the case, however, that it would weaken the nation’s cyber posture. Moreover, under President Trump, the focus of national cyber security has shifted from defense to a more offensive strategy, and this too, has created a need for cyber security team shakeups.
Creating the right cyber security team to deal with external threats
No matter which side of the political aisle you favor, one fact remains unchallenged by either side: the cyber threat landscape is more complex and more dangerous than at any time in history. Within this context, it’s perfectly legitimate to ask what the White House is planning to do about its cyber security team, or to pose questions about the overall state of cyber security preparedness within the White House.
However, as noted above, the politicization of cyber security is now very real. Thanks to the higher profile of cyber security issues, there is possibly a situation in which various factions within the White House, NSA or Department of Homeland Security might be competing for power, influence, and the ability to control the future trajectory of U.S. cyber security policy. The recent exodus of one cyber security team from the White House may be just the first of many power struggles to come to 1600 Pennsylvania Avenue.