Companies Should Up Cybersecurity Efforts as Trump Council Frays

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Daniel R. Stoller

U.S. companies should partner with one another on cybersecurity improvements to fill the hole left by an exodus of members from a presidential advisory panel, cybersecurity professionals and attorneys told Bloomberg BNA.

Companies have other opportunities to get involved with the government to combat cybersecurity threats, including increasing their risk assessment collaboration, sharing threat data, and making sure their voices are heard in Congress.

President Donald Trump’s National Infrastructure Advisory Council (NIAC) recently lost seven members, who resigned Aug. 21. The departing members cited administration inaction on promised cybersecurity initiatives, according to the text of the resignation letter obtained by Bloomberg BNA. They said the Trump administration had paid “insufficient attention to the growing threats to cybersecurity of critical systems,” among other concerns.

Companies may be hard-pressed to look to government agencies for much needed cybersecurity assistance if other members decide to the leave the council, Roderick Jones, CEO at cybersecurity solutions company Rubica Inc. in San Francisco, told Bloomberg BNA Aug. 30. Cybersecurity ventures, like the NIAC, are “all about talent management so the administration’s inability to hang onto council members should be a matter of concern,” he said.

The goal of the council, which currently has 20 members, is to advise the White House, through the Department of Homeland Security, on cybersecurity issues that affect critical infrastructure sectors.

James P. Melendres, partner at Snell & Wilmer LLP in Phoenix and chairman of the firm’s cybersecurity, data protection, and privacy practice, told Bloomberg BNA Aug. 30 that “less private-sector input” leads to a step backwards on cybersecurity policy. Companies should turn to their industry partners and other private-public groups to help “foster more cyberthreat information sharing” and increase U.S. cybersecurity protections, he said.

Companies may also want to increase their lobbying efforts to make their voices heard in government, Dana Simberkoff, chief risk, privacy, and information security officer at AvePoint, told Bloomberg BNA Aug. 30. The government isn’t “unaware of the importance of cybersecurity” protections, but lobbying can ensure the issue is visible and gets resources, she said.

Council Resignations

White House Assistant Press Secretary Natalie Strom told Bloomberg BNA Aug. 30 that “a number of members” who left the NIAC were “appointed under the previous administration.”

Three departing members who served under former President Barack Obama, including former U.S. Chief Data Scientist DJ Patil and former Chief of Staff Cristin Dorgelo of the Office of Science and Technology Policy, took to Twitter to confirm their resignations. The former chairman of the Council on Environmental Quality, Christy Goldfuss, also confirmed her resignation through Twitter.

Despite the resignations, Strom said, the NIAC held an Aug. 22 meeting. At the meeting, the NIAC released a report on cybersecurity preparations and risks for critical infrastructure industries. Critical infrastructure includes the energy, telecommunications, financial services, and communications industries, among others considered vital, according to the DHS.

Dorgelo, now senior counselor at nonprofit consulting company Mission Partners LLC in Washington, told Bloomberg BNA Aug. 30 that she left the NIAC in part due to the Trump administration’s inaction on cybersecurity initiatives. The administration isn’t “giving sufficient attention to the security of critical infrastructure in” the U.S, she said.

The Trump administration still needs to make “serious moves” to fill “key agency roles” that will “help define and lead cybersecurity initiatives,” Dorgelo said. Congress could do more to point funding to cybersecurity research and development, and it is critical to have “tech talent at policy-making tables” to effectuate U.S. cybersecurity protections, she said.

To contact the reporter on this story: Daniel R. Stoller in Washington at dstoller@bna.com

To contact the editor responsible for this story: Donald Aplin at daplin@bna.com

For More Information

Text of the members resignation letter is available at http://src.bna.com/r7v.Text of the NIAC report is available at http://src.bna.com/r5o.

Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Bloomberg Law: Privacy & Data Security