White House official fires back at McCain over cyber hearing 'stunt'

White House Homeland Security adviser Tom Bossert fired back at Sen. John McCain (R-Ariz.) following a contentious congressional hearing on cybersecurity, calling McCain's decision to leave an empty chair signifying White House cyber coordinator Rob Joyce's absence a cheap stunt.

"It's a longstanding precedent honored by different parties to not call the president's advisers to the Hill, and while I have a great deal of respect for Sen. McCain and for the institution of Congress, I felt that empty chair stunt was cheap and beneath him," Bossert said at an Oct. 24 event.

The White House invoked executive privilege to block Joyce from testifying before the Senate House Armed Services Committee on Oct. 9 about the United States government's ability to defend against cyberattacks. In place of Joyce, the administration sent Kenneth Rapuano, the Defense Department's assistant secretary for homeland and global security, and Christopher Krebs, head of the National Protection and Programs Directorate at the Department of Homeland Security, to testify.

Speaking at the Palo Alto Networks Ignite conference, Bossert also said America "lacks a collective vision" around cybersecurity, and that U.S. technology companies can't be expected to protect their systems in an environment where global rivals like China and Russia exert much more control over their Internet and private industry. If America waits for a cyber 9/11-style event to jolt policymakers and the public into considering a collective response, he argued, the fallout may lead to the public and policymakers drifting in a more authoritarian direction when it comes to regulating the internet.

"If we lose [an arms race] or if we find ourselves so far behind that we have to do something in haste," Bossert said, "I believe that we might end up being tempted -- regardless of what party is in power -- to adopt the Chinese model: developing barriers to entry, looking at code, providing an extremely parental approach, excluding private industries and innovation and creating that kind of great firewall. … I think that ends up fracturing the internet, running afoul of our open and free aspirations and putting the government in a position that the regular Americans don't want now."

Bossert pointed to the current debate around reauthorization of the government's spying powers under Section 702 of the FISA Amendments Act as an example of how data is often routed and stored in ways that blur the linea between nation-states.

"What I want you to do is think through where we are in five or 10 years in our ability to distinguish -- and the rationale of even trying to distinguish -- foreign data from domestic data, or foreign servers from domestic servers as information flows to the fastest route around the globe," said Bossert. "It's going to become increasingly difficult for us to separate between these functions."

He said smaller businesses should have the ability to opt into collective information sharing and protective services funded and created by both government and private industry.

"CITIBank [and Exxon] can afford to put more money into things and the government has got big purchasing power. Small business is forced to use the Internet because it's their lifeblood and they're forced to use things that are almost by definition the most vulnerable," he said.

"So as long as we all agree that the Internet's … something that we're all going to collectively use for the benefit of our society, let's protect it in ways that are not dissimilar to the way we protect individuals and neighborhoods and societies, with shared responsibility," said Bossert.