Executive Summary
In 2021, the Office of the National Cyber Director (ONCD) was established and statutorily charged with advising the President of the United States on matters related to cybersecurity. In the three years since, ONCD has matured into one of the several key components of the U.S. government’s policymaking apparatus for cybersecurity - across both the government and the private sector. However, several changes are needed to ensure the efficacy of the office, especially as it relates to these other relevant agencies within the U.S. government.
The incoming administration has the ability to clarify and enhance ONCD’s mission and resources. This paper provides five key policy and structural recommendations to support this effort, with the goal of minimizing duplication of efforts, enabling accountability, and more broadly, increasing the security and resiliency of the U.S. cyber posture. These recommendations include:
- Update and clarify the ONCD mission statement, including a clear articulation of the policy making responsibility of the National Cyber Director (NCD) versus other key senior cyber leadership.
- Codify the NCD’s role as the U.S. Government’s lead external-facing cyber official.
- Improve collaboration between ONCD and the National Security Council (NSC) through dual-hatting a senior director. NSC/Cyber should also play more of a NSC/Intecon-like role for coordination between both entities.
- Staff ONCD with additional agency detailees and subject matter experts from within the government.
- Reinforce and codify the position of the Federal Chief Information Security Officer (CISO) within White House Office of Management and Budget (OMB), to be dual-hatted as a direct report to the NCD.
Read Next
Trump EO Aims to Streamline Critical Infrastructure Resilience
In a move aimed at decentralizing incident-preparedness and response, President Trump signed an EO seeking to streamline the feds role in responding to incidents, like cyber attacks, and place decision-makin with State and locals.
Cybersecurity Regulatory Harmonization Hearing Highlights Need for Public Private Sector Partnerships
Private sector representatives emphasized the importance of streamlining cybersecurity regulations and improving information sharing efforts between the government and industry during a recent House hearing.
Industry Coalition Urges Commerce Secretary Lutnick to Prioritize Funding NIST Cyber Efforts
A letter addressed to Commerce Secretary Howard Lutnick from a coalition of industry organizations emphasizes the urgent need to sustain funding and support for the National Institute of Standards and Technology’s cybersecurity mission.