A bipartisan group of former officials is urging senators to approve President Trump’s nominee to lead the Department of Homeland Security’s (DHS) cyber and critical infrastructure protection efforts.
Trump has tapped Christopher Krebs to serve at the helm of the National Protection and Programs Directorate (NPPD), the Homeland Security unit responsible for guarding federal networks and critical sectors from cyber and physical threats.
{mosads}In advance of Kreb’s confirmation hearing Wednesday, 48 former officials signed on to a letter expressing support for his nomination and urging the Senate to confirm him “as soon as possible.”
The letter, sent to leaders of the Senate Homeland Security Committee this week, is signed by a number of high-profile former officials, including President George W. Bush’s former homeland security secretary Michael Chertoff, President Obama’s former cybersecurity coordinator Michael Daniel, and Suzanne Spaulding, who helmed NPPD under Obama.
“Mr. Krebs’ cybersecurity expertise is particularly needed in the Under Secretary role given the increasing number of severe cyber attacks on our Nation,” the former officials wrote in the letter, a copy of which was shared with The Hill.
NPPD is responsible for protecting federal civilian networks from cyberattacks. The directorate also engages with operators of critical infrastructure — the vast majority of which is owned by the private sector — to protect the electric grid, financial sector and other critical services from cyber and other threats and respond to incidents impacting them.
The directorate’s efforts have fallen under particular scrutiny in recent months following Russian interference in the 2016 presidential election. Among its growing portfolio of responsibilities, NPPD is providing voluntary aid to state and local election officials to guard their systems from cyberattacks.
NPPD officials have taken the lead in responding to other high-profile cyber incidents, including the massive “Wanna Cry” malware outbreak last May.
“Its role is going to become outsized and bigger,” Frank Cilluffo, a former Bush homeland security adviser who signed the letter supporting Krebs, said of NPPD. “You need to make sure you have the tools, the people, the policies, the authorities in place.”
Trump tapped Krebs to serve as assistant secretary for NPPD’s Office of Infrastructure Protection in August. Krebs has been fulfilling the responsibilities of undersecretary for NPPD, which requires Senate confirmation, in an acting capacity while the administration searched for a permanent occupant. Trump officially nominated Krebs to the top job in early February.
Krebs is no stranger to Homeland Security, having worked in the department on infrastructure protection during the Bush years. Krebs also has some experience in the private sector, working on Microsoft’s government affairs team before rejoining the federal government last year.
“The ability to understand both public and private sector infrastructure security needs is a critical responsibility of the Under Secretary for NPPD,” the former officials wrote. “The combination of Mr. Krebs’ DHS background and his experience working on private sector security issues makes him uniquely qualified for the position.”
Krebs is slated to appear before the Senate Homeland Security and Governmental Affairs Committee on Wednesday afternoon. He is likely to face questions about NPPD’s ongoing efforts to secure federal networks and critical infrastructure and build relationships with the private sector.
“The Committee has heard how the private sector is best positioned to innovate and distribute products and services that will protect us against malicious cyberattacks,” Chairman Ron Johnson (R-Wis.) is expected to say at the outset of the hearing, according to excerpts of his prepared remarks. “I hope Mr. Krebs will challenge the Department to consider how the federal government can do more to support its partners in the private sector.”
Krebs may be asked to weigh in on a proposal moving through Congress that would reorganize and rename NPPD as the Cybersecurity and Infrastructure Security Agency, a measure that agency officials have said will help better recruit and retain critical personnel.