In a fireside chat hosted by the Foundation for Defense of Democracies (FDD), National Cyber Director Harry Coker reflected the success, experiences, and lessons learned at the Office the National Cyber Director (ONCD) over its first four years of existence and discussed the role the office could take under the incoming Trump administration. The conversation was moderated by RADM (Ret.) Mark Montgomery, Senior Director of FDD’s Center on Technology Innovation (CCTI) and former Executive Director of the congressionally-mandated Cyberspace Solarium Commission. 

Four years ago, Congress established ONCD through the passage of the FY 2021 National Defense Authorization Act. Proposed as part of a series of initiatives from the Cyberspace Solarium Commission, the Office was designed to advise the President on cybersecurity, support the implementation of a national cyber strategy, enhance whole-of-nation cyber resilience, and collaborate with the Office of Management and Budget (OMB) to align federal resources to combat growing cyber threats posed by both cybercriminals and nation-states. 

Under the Biden Administration, ONCD evolved significantly, taking on responsibilities as new challenges emerged and the office itself matured. Early in the Administration, SolarWinds highlighted the need to comprehensively address the nation’s cybersecurity. The Executive Order on Improving the Nation’s Cybersecurity set out to tackle this challenge, improving information sharing, moving the Federal government to secure cloud services and zero trust architectures, establishing new procurement standards, and creating the Cybersecurity Safety Review Board (CSRB). 

Then, the Colonial Pipeline incident underscored the vulnerabilities in U.S. critical infrastructure, leading federal agencies to develop new sector-specific cybersecurity requirements. Whereas these efforts were still largely reactive, the Administration eventually adopted a more proactive approach, particularly through the Counter Ransomware Initiative (CRI), Secure-by-Design initiative, the National Cybersecurity Strategy and Implementation Plan, and its efforts on post quantum cryptography. 

At the event, Coker expanded on key issues for ONCD moving forward: 

• PRC: NCD Coker emphasized the significant threat posed by the People’s Republic of China (PRC), urging the U.S. federal government to clearly communicate this danger to the American public and develop a robust response. Using the Salt Typhoon and Flax Typhoon incidents as key examples, he illustrated how the PRC is prepositioning itself within U.S. and allied critical infrastructure. He referenced his efforts to communicate this point during his January 31, 2024, testimony to the House Select Committee on the CCP, alongside CISA Director Jen Easterly, then-Commander of U.S. Cyber CommandGeneral Paul Nakasone, and FBI Director Christopher Wray. 
• Deterrence: While political deterrence by the President and federal government is essential, deterrence by denial – making it more difficult for malicious actors to achieve their operational objectives – is equally crucial. Coker emphasized that, by adhering to the National Cybersecurity Strategy (NCS) and its implementation plan, the U.S. can effectively deter malicious actors, impose significant costs on them, and ultimately undermine their power. A key strength of the NCS is its technology-agnostic and threat-agnostic design, enabling it to address threats from state-sponsored adversaries like China, run-of-the–mill cybercriminals, or anything in between.
• Resourcing: Strategy without resources to support it is merely rhetoric. Coker noted the instrumental role ONCD’s partnership with the Office of Management and Budget (OMB) during the Biden Administration played in elevating cybersecurity as a federal budget priority. Looking ahead, he expressed optimism that federal agencies will increasingly recognize that protecting their IT systems is essential to accomplishing their core missions. He also noted that it is possible to prioritize cybersecurity within existing budgets. This approach is particularly important given that preventing budgetary expansion will be a priority of the next administration.
• Workforce: Cybersecurity is only as strong as the workforce that supports it. Unfortunately, the cybersecurity workforce is not large enough to fill all positions available in the U.S. To address this problem, NCD Coker advocated for the federal government and industry to work together to make Americans aware of these opportunities and increase the number of pathways to enter the field. In the past few years, ONCD has pushed to reduce unnecessary four-year degree requirements and has sought to leverage untapped pools of talent at community colleges and technical schools. 
• Future of ONCD: NCD Coker emphasized the need for future administrations to move beyond mere guidance on cybersecurity and take decisive action to protect U.S. federal information systems and critical infrastructure. He then expressed confidence in ONCD’s ability to lead these efforts effectively. RADM (Ret.) Montgomery echoed this sentiment, noting that the Office has demonstrated a capability for leadership that it lacked at the start of the Biden Administration in January 2021.

As of now, President Trump has not announced his nominee to lead the ONCD.

‍