Kirstjen Nielsen’s departure as head of Homeland Security is creating uncertainty about the agency’s cyber efforts.
As Department of Homeland Security (DHS) chief, Nielsen made cybersecurity a top priority, but some are questioning whether her permanent replacement will do the same.
President Trump tapped Customs and Border Protection Commissioner Kevin McAleenan to serve as acting secretary. And while he has a broad background in border security matters, he is entering the interim role without significant cyber experience.
{mosads}
“DHS is already stretched very thin and putting lots and lots of effort into … the main thing that this administration cares about, which is the immigration mission,” said Chris Painter, who served as cybersecurity coordinator at the State Department during the Obama administration. “And I think, inevitably, that is going to have an effect on the cyber mission.”
Concerns about a potential cyber void have been heightened by Trump signaling he
wants a DHS leader who is tough on immigration policy and border issues.
“Given what we know about the kind of person the president wants to lead DHS — essentially someone who is willing to take the most hawkish position on immigration possible — it doesn’t seem likely the new DHS leader will be a cyber-focused person,” Jamil Jaffer, a former senior counsel for Republicans on the House Intelligence Committee, told The Hill.
McAleenan will be taking on the position at a time when Trump has amped up his rhetoric about closing the southern border and taking on a more aggressive security stance amid a spike in illegal border crossings over the past few months.
“My concern is that try as he will … Kevin McAleenan will be under tremendous pressure from the White House to focus even more on the southern border and that would be to the detriment of the department’s mission broadly,” said John Cohen, who served as DHS acting under secretary for intelligence and analysis during the Obama administration and is now a professor at Rutgers University.
Nielsen had an extensive cyber background. She advised former President George W. Bush on cyber and homeland security issues, and she founded a cyber-focused consulting group called Sunesis Consulting.
{mossecondads}
At DHS, Nielsen created the National Risk Management Center to focus on fighting against evolving digital dangers. She also publicly pushed lawmakers last year to pass a bipartisan bill that cemented the agency’s role as the main entity overseeing civilian cybersecurity by establishing the Cybersecurity and Infrastructure Security Agency (CISA), which focuses on securing federal networks and protecting critical infrastructure from cyber threats.
She also heightened the awareness of digital threats, leading efforts to secure the 2018 midterms after the U.S. intelligence community concluded that Russia sought to interfere in the 2016 presidential election through sophisticated disinformation campaigns and by hacking into the Democratic National Committee.
Nielsen even warned that cyberattacks could be more dangerous than terrorist attacks.
“DHS was founded 15 years ago to prevent another 9/11. I believe an attack of that magnitude is now more likely to reach us online than on an airplane,” Nielsen said in a speech last year. “Our digital lives are in danger like never before.”
Experts say that fervor for cyber will be difficult to match.
“Unless they have passion about it and really understand it, you only get so far, especially with issues in cyber where to many people it is still a mystery — even though it shouldn’t be,” Painter said.
Potential successors to Nielsen include Energy Secretary Rick Perry, former Virginia Attorney General Ken Cuccinelli and former Kansas Secretary of State Kris Kobach.
Nielsen’s departure follows that of former White House homeland security adviser Tom Bossert. And Rob Joyce, who served as cybersecurity coordinator at the White House, has returned to the National Security Agency.
“The loss of cyber-capable leaders like Tom Bossert, Rob Joyce, and Kirstjen Nielsen doesn’t bode well for cybersecurity issues,” said Jaffer, who heads George Mason University’s National Security Institute. “And while there are good cyber leaders still around, like Chris Krebs at DHS/CISA, Karen Evans at the Department of Energy and Paul Nakasone at Cyber Command, the administration needs to make public and private sector cybersecurity a core government priority.”
Both Painter and Jaffer said Krebs will likely take on a more visible role after Nielsen’s departure on Wednesday, but his role will nevertheless be limited.
“As good as Chris is, there is only so much he can do,” Painter said. “He is not in charge of the department. … He is not in charge of being out on the bully pulpit.”
“I think Chris will be an increasingly visible leader, and that’s a good thing for cybersecurity writ large,” Jaffer added. “Chris is a very smart guy who gets the core technology issues at stake and can bring private sector perspective to bear on these critical matters.”
Nielsen’s allies and supporters say their biggest concern is that Nielsen’s permanent successor will focus more on immigration than other threats to the U.S.
“While the president obviously is entitled to having whoever he wants in his Cabinet, given the critical importance of cybersecurity to our national security and economic stability, not to mention the very real threat to the 2020 elections, trading a cyber expert for an immigration hawk may not be the best call,” Jaffer said.
“At the end of the day, Secretary Nielsen’s departure — whether forced or voluntary — is a serious loss for those that care about cybersecurity in our nation,” he said.