RIP Cyber Coordinator: An Obituary
MAY 17, 2018 | JASON HEALEY
Rest in peace, Cyber Coordinator. The White House’s Special Assistant to the
President and Cyber Coordinator has now been eliminated, apparently ending (or
more likely pausing) a two-decade history. It will widely be reckoned as a
hideous mistake but not perhaps the one which most needs our immediate
The position of cyber coordinator dates back to recommendations from the
pivotal President’s Commission on Critical Infrastructure Protection (PCCIP) of
1997, which reported that “capability to do harm—particularly through
information networks—is real; it is growing at an alarming rate; and we have
little defense against it” and therefore recommended “a top-level policy making
office in the White House” for cyber and infrastructure protection.
The following year, President Bill Clinton picked up this recommendation in
PPD-63: a “National Coordinator [for cyber and infrastructure protection] will
be appointed by me and report to me through the Assistant to the President for
National Security Affairs,” that is, working in the White House and reporting
through his National Security Advisor (APNSA).
The National Coordinator so chosen was Richard A. Clarke, then the
counter-terrorism coordinator and the only person to hold the role that lived
up to the billing of “Cyber Czar.” (Though my colleague Bob Gourley quipped
nearly a decade ago that the United States has long had a cyber czar: Vladimir
Putin, as his spies are in so many US networks.) Within the White House, the
early cyber role fell under infrastructure protection, with Howard Schmidt
being an early advisor, in 2001, as was Marc Sachs and other now-famous cyber
When I arrived at the White House in 2003, my title flip-flopped a bit between
Director of “Critical Infrastructure Protection” or “Cyber Infrastructure
Protection” depending on the day’s agenda. Paul Kurtz and Paul Nicholas held
the job of Special Assistant to the President (or Senior Director) for Critical
Infrastructure Protection, reporting not to the National Security Advisor, but
the post-9/11 role of Assistant to the President for Homeland Security and
Counterterrorism (APHSCT). After I departed, Tom Bossert (a future APHSCT
himself) joined the office.
The office only handled some cyber issues. Some parts of response and recovery
was overseen by another group, soon to be run by Kirstjen Nielsen (now the
Secretary of DHS), while the oversight of cyber offense and intelligence were
run from the NSC directorates handling those issues, and reporting separately
to the National Security Advisor.
The process of an independent Cyber Coordinator bringing together all this work
perhaps began with the work by Melissa Hathaway and others on the Comprehensive
National Cybersecurity Initiative, a massive (and then-classified) effort of
the administration of George W. Bush for an “enduring and comprehensive
approach to cybersecurity that anticipates future cyber threats and
technologies and involves applying all elements of national power and influence
to secure our national interests in cyberspace.”
The new administration of Barrack Obama continued the work of CNCI but named
Hathaway as Acting Senior Director for Cyberspace, reporting to both the
national security and homeland security advisors, to develop a new 60-Day
Cyberspace Policy Review. Most critically, the document was clear that “The
White House must lead the way forward,” with “leadership that draws upon the
strength, advice, and ideas of the entire Nation.”
Accordingly, the top recommendation was “Appoint a cybersecurity policy
official responsible for coordinating the Nation’s cybersecurity policies and
activities; establish a strong NSC directorate, under the direction of the
cybersecurity policy official [and] to coordinate interagency development of
cybersecurity-related strategy and policy.” By the end of the year, President
Obama had brought Howard Schmidt back to the White House to fulfill this pledge.
Schmidt held the job for nearly two years before being replaced by Michael
Daniel, an official from the Office of Management and Budget, in 2012. After
the election of Donald Trump, Rob Joyce, from the National Security Agency,
took the job in March 2018 and reported to Tom Bossert, the Homeland Security
Advisor, until Bossert’s sudden ouster by John Bolton, President Trump’s third
National Security Advisor in only fifteen months.
Collectively these Cyber Coordinators (and their predecessors) have overseen an
amazing amount of work: countless new policy directives, strategies, and
initiatives that have helped meet the challenge noted by the PCCIP in 1997.
Since 2009, what these officials had in common was a united directorate
overseeing all aspects of cyber, both defensive and offensive, so they were
relatively strong bureaucratic players, able to work the “interagency process”
to bring the various departments and agencies together. This is the first and
main casualty of the Trump administration’s elimination of the position.
The loss will perhaps most quickly be felt in cyber incident response, as the
Cyber Coordinator oversaw the Cyber Response Group to handle routine and
emergency cyber crises. It also will mean that whichever department currently
most has the President’s ear will likely most get its way – right now in cyber
policy, that most likely means the Department of Defense. The normal
interagency process to balance these interests and options will be seriously
weakened. Federal cybersecurity, international coordination, cyber workforce …
all will be hampered.
The White House has not needed to “streamline authority” because “cyber
coordination is already a core capability,” as it was put in the memo
announcing the change to the NSC. In fact, both of the most recent major
policy commissions (one by the CSIS think tank and the other led by Tom Donilon
and Sam Palmisano) recommended elevating the role of coordinator to be its own
Assistant to the President, not eliminating it.
The Bolton position seems to be for a smaller, leaner NSC to better empower the
Cabinet. However, this only makes sense when the Cabinet is functioning
smoothly and well, not something that can easily be said for the first 15
months of the Trump administration. When the Cabinet is chaotic, the White
House must be larger and stronger, to be able to effectively convene and bring
the clashing departments and agencies together. That cannot be done by demoting
the person in charge.
Bolton is not just getting rid of the Cyber Coordinator role. So far, no
replacement have been named for the even more important Homeland Security
Advisor position. The APHSCT didn’t just oversee cybersecurity, but other
critical issues like hurricane response as well.
As a former White House cyber official noted to me, if this position is also
eliminated, it means that working homeland security issues will have no direct
access to the President; no direct access to the National Security Advisor,
having to go through the Deputy, Mira Ricardel (who has little or no homeland
security or cyber expertise); and no participation in senior staff meetings.
This equates to the bureaucratic wilderness.
National security and homeland security (including cyber) are not alike. As
former DHS deputy secretary Jane Lute puts it, national security is “strategic,
centralized, top-driven; it’s about all of us,” while “homeland security is
operational, decentralized, bottom-driven; it’s about each of us.” Moreover, in
national security “there’s unity of command. In homeland security, it’s a unity
These differences are critical. Eliminating the position of Cyber Coordinator
is a step back and one that will certainly be reversed in future, whether by
this president or the next. The possible elimination of the Homeland Security
Advisor is even more questionable. Storm season is coming, either a
metaphorical cyber storm or a literal hurricane. This White House is far less
able to deal with either.
Infowarrior mailing list