After Congress approved his nomination in 2021, Chris Inglis served as the first-ever National Cyber Director for the White House. Now, he plans to retire. So who’s next?

As of this writing in January of 2023, there remains uncertainty around who will fill the role. However, the frontrunner is Kemba Walden, Acting Director of the National Cyber Director’s office. Walden is a former Microsoft executive who joined the National Cyber Director’s office in May. Before her appointment, Walden was the Deputy National Security Advisor for Cyber and Emerging Technology in the Biden Administration.

If not Walden, who else might take over from Inglis? The best answer is to look at the senior cybersecurity folks in the Biden administration who advise Biden directly.

A group of well-qualified successors

The national cybersecurity of the United States has been a priority for President Biden. To ensure that the most efficient protocols are being followed, the president has designated several senior members from his team to serve as direct advisors with specific responsibility for cybersecurity issues. These advisors bring extensive expertise in national security operations and risk management from multiple sectors. They played key roles in establishing national defenses, and are expert problem-solvers in the face of evolving threats. This highly specialized group provides the strength and stability needed to maintain national cybersecurity in a rapidly evolving threat landscape.

The key senior cybersecurity officials include the aforementioned Chris Inglis as the first National Cyber Director, Jen Easterly as the Director of the Cybersecurity and Infrastructure Security Agency (CISA), Alejandro Mayorkas as the Secretary of Homeland Security, Kemba Walden as the first Principal Deputy National Cyber Director, Neal Higgins as Deputy National Cyber Director for National Cybersecurity and Rob Knake as Deputy National Cyber Director for Budget and Policy.

A promising candidate

While everyone here plays a crucial role, Jen Easterly stands out based on her comprehensive cybersecurity background. Easterly is an internationally renowned cybersecurity expert, formerly serving as the Deputy Director of the United States Cybersecurity and Infrastructure Security Agency (CISA) and the Senior Advisor to the Under Secretary for National Protection and Programs Directorate at the Department of Homeland Security (DHS). Before joining CISA, she held management positions in both private industries and within the government. This included a four-year tenure with IBM Global Services as Senior Consulting Analyst.

Ms. Easterly’s expansive career has seen cybersecurity accomplishments in both the public and private sectors. Many of her notable successes occurred while working at CISA, initiating groundbreaking efforts to enhance information sharing among critical infrastructure sectors, as well as leading work that addressed cyber threats from foreign actors. She also spearheaded cybersecurity workforce development and led a collective effort to modernize Federal government organizations’ response to ever-increasing threats from malicious actors online.

Outside of her government service, Easterly was also instrumental in creating several successful commercial programs focused on protecting corporate IT assets through best practices such as risk assignment and attack surface reduction.

Initial concerns vanquished

Though many promising candidates have emerged for National Cyber Director, the role itself was not without contention. After the appointment of Chris Inglis, concerns arose that there were “too many cooks” in the federal cyber leadership kitchen. Additionally, there was uncertainty as to who would be the true “quarterback” taking over command of national cybersecurity going forward. While Inglis’ extended background in national security steered much of the discourse toward a sense of assurance, undertones still remained that he was just one man wielding undue power without a larger organization behind him for support.

Though uncertain at the time, these concerns have since dissolved. Inglis has proven himself more than capable of tackling national cybersecurity amid a coalition of national leaders and organizations.

The role of national cyber director

The National Cyber Director has provided immense benefits to the public and private sectors over the past year and a half. The director essentially acts as a bridge between the two sectors, ensuring that national interests remain on top of government agendas while also fostering collaboration with industry stakeholders.

As National Cyber Director, Inglis developed national-level policies to protect organizations of all sizes from cyber threats and worked with government agencies to identify areas of need throughout the cybersecurity landscape. As a result, businesses could prioritize cybersecurity investments. know their threats better, remain at the cutting edge of technological innovation and adopt best practices — all in an effort to ensure national security.

IBM Security Intelligence reached out to the Office of the National Cyber Director (ONCD) about the role. They responded with the following statement:

“ONCD’s mission is to create a resilient, safe and equitable cyber space. We’re doing so by focusing on long-term strategic planning while executing on near-term tactics to mitigate existing vulnerabilities. Ultimately, we desire to seize the initiative back from the adversary and reimagine cyberspace with an affirmative vision consistent with our values.”

How ONCD meets its goals

ONCD’s statement went on to elaborate on how it has tackled those objectives:

“Most notably, ONCD is leading the interagency drafting process for the Biden-Harris Administration’s National Cybersecurity Strategy. A process through which we’ve solicited input from over 300 stakeholders across industry, foreign governments, academia and the nonprofit sector. This exceptional level of collaboration is a recognition that the terrain in cyber space is principally privately owned, and public-private partnerships are paramount to addressing cybersecurity challenges successfully.

“We also initiated an ongoing series of topical executive fora. By using the unique convening power of the White House, we’re bringing together industry executives with Cabinet Secretaries and Deputies to share threat intelligence and drive collaboration at the highest levels possible. Among these was the National Cyber Workforce and Education Summit in July. At the Summit, ONCD announced the development of a National Cyber Workforce and Education Strategy. A resulting RFI received over 150 responses from a broad section of stakeholders. ONCD is reviewing those and working to publish the full strategy, incorporating many of those inputs, in the coming months.

“Finally, we worked aggressively with our colleagues across the interagency to bring enhanced security to the federal enterprise. This included overseeing the implementation of Executive Order 14028, deployment of Zero Trust Architecture, release of first-of-its-kind ‘Spring Guidance’ on cybersecurity budgeting and initiating a planning process for post-quantum encryption.”

Closing in on the next national cyber director

This still leaves the identity of the next National Cyber Director in question. As the U.S. government bolsters its cyber defenses, replacing Inglis remains a priority. This influential role will develop and coordinate the nation’s cybersecurity strategy.

Asked about any insights as to plans once Chris Inglis retires, the ONCD states:

“With respect to Director Inglis’ retirement —  he will retire sometime this year after five decades of public service. At that time, Principal Deputy Kemba Walden will become Acting National Cyber Director and continue to lead the organization with the same passion as she has as Deputy Principal.”

Whether it’s Walden, Easterly or another senior official, the country’s cybersecurity efforts appear to be in good hands.

More from Government

How the FBI Fights Back Against Worldwide Cyberattacks

5 min read - In the worldwide battle against malicious cyberattacks, there is no organization more central to the fight than the Federal Bureau of Investigation (FBI). And recent years have proven that the bureau still has some surprises up its sleeve. In early May, the U.S. Department of Justice announced the conclusion of a U.S. government operation called MEDUSA. The operation disrupted a global peer-to-peer network of computers compromised by malware called Snake. Attributed to a unit of the Russian government Security Service,…

How NIST Cybersecurity Framework 2.0 Tackles Risk Management

4 min read - The NIST Cybersecurity Framework 2.0 (CSF) is moving into its final stages before its 2024 implementation. After the public discussion period to inform decisions for the framework closed in May, it’s time to learn more about what to expect from the changes to the guidelines. The updated CSF is being aligned with the Biden Administration’s National Cybersecurity Strategy, according to Cherilyn Pascoe, senior technology policy advisor with NIST, at the 2023 RSA Conference. This sets up the new CSF to…

Why keep Cybercom and the NSA’s dual-hat arrangement?

4 min read - The dual-hat arrangement, where one person leads both the National Security Agency (NSA) and U.S. Cyber Command (Cybercom), has been in place since Cybercom’s creation in 2010. What was once touted as temporary 13 years ago now seems established. Will the dual-hat arrangement continue? Should it? Experts have discussed the pros and cons of both viewpoints for years. It remains in place for now, but is that likely to change in the future? That remains to be seen, and points…

New Hive0117 phishing campaign imitates conscription summons to deliver DarkWatchman malware

8 min read - IBM X-Force uncovered a new phishing campaign likely conducted by Hive0117 delivering the fileless malware DarkWatchman, directed at individuals associated with major energy, finance, transport, and software security industries based in Russia, Kazakhstan, Latvia, and Estonia. DarkWatchman malware is capable of keylogging, collecting system information, and deploying secondary payloads. Imitating official correspondence from the Russian government in phishing emails aligns with previous Hive0117 campaigns delivering DarkWatchman malware, and shows a possible significant effort to induce a sense of urgency as…