The Senate has confirmed the nomination of Chris Inglis as the new national cyber director, coordinating cybersecurity across civilian agencies from the White House.
Chris retired in 2014 as Deputy Director of the NSA after a 28-year career at the intelligence agency. He was a member of the Cyberspace Solarium Commission, the bipartisan panel that released 75 recommendations last year to get out ahead of a “catastrophic cyber attack.”
Chris discussed the commission’s findings with FAIR Institute President Nick Sanna in a session at the 2020 FAIR Conference. Watch the video (membership in FAIR Institute and LINK discussion board required) Roundtable: A Strategic Approach to Defending the U.S. in Cyberspace for insight into how Chris will handle his new role inside government.
The Solarium report encouraged cooperation between government and business and among nations to counter cyber threat actors. “It’s a call for collaboration, it’s a call for proactivity,” Chris said. “…All of that must stand on a foundation of knowledge, with some clarity and crispness about the nature of the threats in that space…and shareability about the risks in that space.
“The FAIR framework comes into view at that point of being an excellent way to not simply qualify those risks but quantify those risks in a way that’s repeatable…So when you want to share your sense as to how you prioritize what you’re going to work on, your collaborators in that space can essentially share that prioritization and work accordingly.”
Chris also spoke at the 2019 FAIR Conference session Pen Testing Your Board Pitch: An Interactive Exercise, drawing on his experience as a board member at FedEx and Huntington Bancshares.
Nick Sanna, President of the FAIR Institute, commented, “There is no one more qualified than Chris Inglis to fill the role of national cyber director. He understands the importance of combining good intelligence and best cybersecurity practices with a risk management approach so that the federal government can focus on what matters the most and resource those efforts appropriately.”
The nomination of Jen Easterly as the Director of the Cybersecurity and Infrastructure Agency (CISA) is still pending confirmation. Both nominees will walk into jobs facing the policy implications of exactly the kind of widespread threats the Solarium Commission warned of: the hack of the SolarWinds network monitoring software and Microsoft Exchange Server that compromised thousands of government and private enterprise networks and email systems, as well as the recent Colonial Pipeline and JBS USA meatpacker ransomware attacks.