INTERVIEW Uncle Sam’s cybersecurity apparatus can’t only focus on China and other nation-state actors, but also has to fight the much bigger damage from plain old cybercrime, says former White House advisor Michael Daniel. And the Trump administration’s steep cuts to federal government staff are making that a lot harder.
Daniel currently leads the Cyber Threat Alliance, a nonprofit threat-intel-sharing organization. Before he took that role, he served as special assistant to President Obama and cybersecurity coordinator on the National Security Council staff between 2012 and 2017.
He agrees that China poses the single greatest threat we face in cyberspace, surpassing the Russians. But they’re far from the only threat.
“And certainly, a country like the United States with the scope and scale of our national interest, our economic interests, our public health and safety – we’ve got to be able to do the equivalent of walk and chew gum at the same time,” he continued.
“We’ve got to be able to focus on and have capacity for more than one adversary. We cannot take our eyes off, or should not take our eyes off, Russia, Iran, North Korea, or the large number of cyber criminal organizations that are out there,” Daniel told The Register.
“For a manufacturing or retail company somewhere in the United States, by far, your greatest threat is cybercrime, probably in the form of ransomware, but also in the form of business email compromise,” Daniel said.
This varies by sector – tech firms, for example, also face the risk of IP theft from China. But for most US organizations, “cybercrime activities are orders of magnitude larger than anything that the nation states are doing,” he noted.
Fighting all these threats is going to be harder as the Trump administration slashes government spending. “The reductions across the board in the federal government are going to negatively affect cybersecurity, both for the federal government itself and for the nation as a whole,” Daniel said.
“In particular, the reductions at the Cybersecurity and Infrastructure Security Agency, CISA, will have some negative impacts, but it’s also occurring at the sector-risk management agencies that were already stretched pretty thin in terms of their cyber capabilities to begin with,” he added.
Each of America’s 16 critical infrastructure sectors has its own risk management agency tasked with coordinating between the critical infrastructure owners/operators, Homeland Security, and other relevant federal agencies on managing risk – and incidents, cyber or otherwise, should they occur.
They fall under CISA’s umbrella, and are being gutted by the Trump administration’s ongoing cost-cutting efforts. We don’t know how many CISA employees have been axed or are facing the chopping block because Homeland Security won’t say.
We cannot take our eyes off, or should not take our eyes off, Russia, Iran, North Korea, or the large number of cyber criminal organizations that are out there
But we do know that Trump’s proposed spending plan would slash CISA’s budget by $491 million, or about 17 percent.
“I don’t think it’s the right move. I don’t think it’s the right policy decision to reduce our cybersecurity workforce,” Daniel said. “The federal government has always had trouble and will always have trouble recruiting in cybersecurity because of the difference in pay scales, and the demand is only growing.”
If anything, the feds should be boosting infosec budgets and employees, and doing more to help businesses protect themselves from the ever-increasing digital threats, he added.
Daniel says he doesn’t have “hard numbers” on how many federal employees have been fired or taken the government’s buy-out offer, either. “And that is something that, frankly, the executive branch owes the legislative branch as part of the legislative branch’s oversight function,” he opined.
“Just as a practical matter for management: you should know how man