CSIS, lawmakers launch cyber task force for next president

The next president won’t take office for another 18 months, but there is already a task force to advise him or her on the critical job of improving the nation’s cybersecurity.

The Center for Strategic and International Studies’ panel, comprising technical experts on each coast, plans to issue recommendations for executive action to the next president. The task force has bicameral and bipartisan backing: Its co-chairs are Sen. Sheldon Whitehouse (D-R.I.), ranking member of the Judiciary Subcommittee on Crime and Terrorism, and Rep. Michael McCaul (R-Texas), chairman of the House Homeland Security Committee.

Each of the task force groups is interested in looking at key cybersecurity issues like encryption, said James Lewis, a CSIS senior fellow who helped lead a similar commission to advise then-President-elect Barack Obama in 2008. The California-based group will also study “how surveillance affects the IT industry” and consider how to heal the rift between the tech industry and the U.S. government that emerged after revelations of National Security Agency surveillance, Lewis added.

In the wake of cyber-intrusions linked to China, Russia and other nation-states, the two lawmakers chairing the commission said the task force will examine potential punitive policy measures in response to hacks and the development of offensive doctrine. “With the attribution, if it goes to a nation-state actor and we have the intelligence to prove that, then what should be the repercussions?” McCaul mused at a briefing on the task force on Capitol Hill.

Whitehouse struck an upbeat tone on cybersecurity measures being mulled in Congress, saying he sees a possibility of adding measures on cyber incident awareness and cybercrime as amendments to the Cybersecurity Information Sharing Act of 2015, if and when CISA makes it to the Senate floor.

Karen Evans, a former Office of Management and Budget official and member of the task force, said the group will consider the role of agency chief information officers and the extent to which they need to manage certain IT infrastructure or outsource that to contractors.