July 12, 2023

Mr. Jeff Zients, Chief of Staff

White House

1600 Pennsylvania Avenue, NW

Washington DC 20500

Dear Mr. Zients, 

We the undersigned organizations respectfully urge President Biden to nominate a National Cyber Director (NCD) before the end of July considering the ever-changing and increasingly complex cyber landscape. Swift action is crucial in filling this role to protect our nation against ongoing threats and effectively tackle the challenges that lie ahead of us. 

In line with our appreciation for the Administration’s unwavering commitment to enhancing the nation’s cybersecurity posture, we also commend the leadership of former Director Chris Inglis. Under his guidance, the White House established the Office of the National Cyber Director (ONCD) and drafted the National Cyber Strategy. Throughout his tenure, Director Inglis demonstrated the importance of effective coordination and collaboration between the government and the private sector. As a result, ONCD’s receptiveness to input and willingness to listen has been invaluable in strengthening our collective cyber efforts. 

However, we are concerned that the delay in nominating a candidate for the National Cyber Director role could impede the great work accomplished under Director Inglis and Acting Director Walden, hinder the implementation of the National Cyber Strategy, and jeopardize the effectiveness of ONCD. The nomination of this position presents a critical opportunity for the Administration to cement the significance of this office. Therefore, we urge you to promptly send a nomination to the Senate, and advocate for an expedited confirmation process to avoid the inevitable delays in nominations as an election nears.  

Additionally, as a nominee is confirmed, we strongly recommend issuing an Executive Order to prevent confusion and publicly clarify the cybersecurity-oriented roles and responsibilities of ONCD, National Security Council (NSC), Cybersecurity Infrastructure and Security Agency (CISA), Office of Management and Budget (OMB), National Institute for Standards and Technology (NIST) and other relevant cyber entities. Congress’s decision to make this a Senate-confirmed position has created potential overlaps, making such a clarification necessary. However, the way these issues are handled will define the Biden Administration’s lasting impact on cybersecurity policy and can demonstrate a comprehensive whole-of-government cybersecurity approach. 

We appreciate your consideration on this important issue and stay ready to collaborate with the next National Cyber Director. Should you have any questions, or if we can assist in any other way, please contact Ari Schwartz at ASchwartz@Venable.com.

Respectfully submitted, 

Better Identity Coalition

BSA | The Software Alliance

Center for Cybersecurity Policy and Law

Cybersecurity Coalition

Information Technology Industry Council

Read Next

CISA Proposes Sweeping Cyber Incident Reporting for U.S. Companies

The federal government is one step closer to requiring approximately 315,000 businesses to report cyber incidents and ransomware payments. 

Event Recap: Spring Into Privacy with the NIST Privacy Engineering Program

The NIST Privacy Framework is getting a little "Spring Cleaning." Officials from NIST's Privacy Engineering Program updated participants on updated to the Privacy Framework and other projects at an event last week.

Multiple Organizations Request 30-day Extension on CIRCIA Comments

The Cybersecurity Coalition, U.S. Chamber of Commerce, and 23 other organizations have requested a 30-day extension to the comment period for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) from CISA.