Privacy & Cybersecurity Law Blog

On April 12, 2021, the Biden administration announced it intends to nominate Chris Inglis, a former Deputy Director of the National Security Agency, to be the first U.S. National Cyber Director (“NCD”), subject to Senate confirmation. The newly established NCD position, which will serve as the President’s principal cybersecurity policy and strategy advisor, and the Office of the National Cyber Director (the “ONCD”) were created under the National Defense Authorization Act for Fiscal Year 2021 (the “NDAA”), which became law on January 1, 2021.

The ONCD is established within the Executive Office of the President. In addition to serving as the principal advisor to the President on cybersecurity policy and strategy, the duties of the NCD include to:

• offer advice and consultation to the National Security Council, Homeland Security Council and relevant federal departments and agencies relating to the development and coordination of national cyber policy and strategy;
• coordinate the implementation of national cyber policy and strategy;
• coordinate the development and ensure the implementation of the federal government’s integrated incident response to cyberattacks and cyber campaigns of significant consequence;
• prepare the federal government’s response to cyberattacks and cyber campaigns of significant consequence across federal departments and agencies with cybersecurity responsibilities, as well as with relevant private sector entities;
• coordinate and consult with private sector leaders on cybersecurity and emerging technology issues in support of, and in coordination with, other federal agency and department heads, such as the Director of the Cybersecurity and Infrastructure Security Agency and the Director of National Intelligence;
• report annually to Congress on cybersecurity threats and issues facing the U.S., including with respect to new or emerging technologies that may affect national security, economic prosperity or enforcement of the rule of law; and
• be responsible for such other functions as the President may direct.

The NCD is empowered under the NDAA to promulgate rules and regulations as may be necessary to carry out the functions, powers and duties vested in the NCD. The establishment of a Senate-confirmed NCD and an ONCD were recommendations of the 2020 report of the Cyberspace Solarium Commission, which Congress tasked with developing a consensus on a strategic approach to defending the U.S. against cyberattacks of significant consequences.