Executive Summary
In 2021, the Office of the National Cyber Director (ONCD) was established and statutorily charged with advising the President of the United States on matters related to cybersecurity. In the three years since, ONCD has matured into one of the several key components of the U.S. government’s policymaking apparatus for cybersecurity - across both the government and the private sector. However, several changes are needed to ensure the efficacy of the office, especially as it relates to these other relevant agencies within the U.S. government.
The incoming administration has the ability to clarify and enhance ONCD’s mission and resources. This paper provides five key policy and structural recommendations to support this effort, with the goal of minimizing duplication of efforts, enabling accountability, and more broadly, increasing the security and resiliency of the U.S. cyber posture. These recommendations include:
- Update and clarify the ONCD mission statement, including a clear articulation of the policy making responsibility of the National Cyber Director (NCD) versus other key senior cyber leadership.
- Codify the NCD’s role as the U.S. Government’s lead external-facing cyber official.
- Improve collaboration between ONCD and the National Security Council (NSC) through dual-hatting a senior director. NSC/Cyber should also play more of a NSC/Intecon-like role for coordination between both entities.
- Staff ONCD with additional agency detailees and subject matter experts from within the government.
- Reinforce and codify the position of the Federal Chief Information Security Officer (CISO) within White House Office of Management and Budget (OMB), to be dual-hatted as a direct report to the NCD.
Read Next
The Clock’s Ticking: Why CISA 2015 Must Be Renewed Now
As the September 2025 expiration of CISA 2015 looms, Congress faces a critical decision that will shape the future of national cyber defense. At a time when the U.S. is under near constant cyber attacks, government and industry need to share intel.
Cybersecurity Coalition, CR2 Comment on EU Cybersecurity Act Revision Consultation
The Cybersecurity Coalition and the Coalition to Reduce Cyber Risk submitted comments to the European Union Directorate-General for Communications Networks, Content and Technology’s open consultation on revisions to the Cybersecurity Act.
New Cybersecurity Executive Order, Same Mission: Protecting America's Digital Infrastructure
Since taking office speculation has swirled on what President Trump would do on cybersecurity. A new EO upholds previous messaging and underscores that cybersecurity isn't a partisan battle; it demands nonpartisan solutions to protect the nation.