President Joe Biden is hiring a group of national security veterans with deep cyber expertise, drawing praise from former defense officials and investigators as the US government works to recover from one of the biggest hacks of its agencies attributed to Russian spies.
“It is great to see the priority that the new administration is giving to cyber,” said Suzanne Spaulding, director of the Defending Democratic Institutions project at the Center for Strategic and International Studies.
Cyber security was demoted as a policy field under the Trump administration.
It discontinued the Cybersecurity Coordinator position at the White House, shrunk the State Department’s cyber diplomacy wing, and fired federal cyber security leader Chris Krebs in the aftermath of Donald Trump’s November 3 election defeat.
Disclosed in December, the hack struck eight federal agencies and numerous companies, including software provider SolarWinds.
US intelligence agencies publicly attributed it to Russian state actors. Moscow has denied involvement in the hack.
Under a recent law, Biden must open a cyber-focused office reporting to a new national cyber director, who will coordinate the federal government’s vast cyber capabilities, said Mark Montgomery, a former congressional staffer who helped design the role.
The leading candidate for cyber director is Jen Easterly, a former high ranking National Security Agency official, according to four people familiar with the selection process.
Now head of resilience at Morgan Stanley, Easterly held several senior intelligence posts in the Obama administration and helped create US Cyber Command, the country’s top cyber warfare unit.
Easterly did not respond to requests for comment.
The Biden administration “has appointed world-class cybersecurity experts to leadership positions,” Microsoft corporate vice president Tom Burt said in a statement.
Some observers worry, however, that the collective group’s experience is almost entirely in the public sector, said one former official and an industry analyst who requested anonymity.
The distinction is important because the vast majority of US internet infrastructure is owned and operated by…