I tried hard, but didn't fix all of cybersecurity, admits outgoing US National Cyber Director

The outgoing leader of the United States' Office of the National Cyber Director has a clear message for whomever President-elect Trump picks to be his successor: There's a lot of work still to do.

Speaking to the Foundation for the Defense of Democracies yesterday, outgoing director National Cyber Director Harry Coker praised the work his office’s team has done in the past four years, while also noting that America is yet to implement all necessary defenses for critical systems.

"In the last four years we have: Fought fires; taken a proactive posture to defending cyberspace; brought greater coherence to Federal and global efforts; gotten key tech companies to step up on cybersecurity; and taken on some of the hardest problems that have long crippled our ability to stay secure," said Coker, the second person confirmed by the US Senate to hold his role.

"We've made progress," the outgoing director added, while noting "there's still a long way to go."

Coker called particular attention to the White House national cybersecurity strategy enacted in 2023, which his office played a key part in developing, as a success during his time in the role. Efforts to shore up security holes in the Border Gateway Protocol were also cited as a success.

The director also pointed to the Service for America campaign he led last year, which pitched cybersecurity work as national service as another success despite it also being an item of unfinished business as hundreds of thousands of infosec jobs remain unfilled.

"Everywhere I go, whether I'm talking to state or local government leaders, small or large businesses, or anyone leading critical infrastructure – they all tell me that they need more cyber talent," Coker said.

Coker hopes the second Trump administration will give the Office of the National Cyber Director more say in cybersecurity budgeting across the federal government.

"I would love for the incoming administration, or any administration, to recognize the priority of cybersecurity," Coker told reporters at yesterday's event. "It's a responsibility that every department and agency needs to stand up to. We need to give more than guidance when it comes to cybersecurity budgets."

• We're just shouting into the void, says US watchdog offering cybersecurity advice
• Trump administration wants to go on cyber offensive against China
• Software patching must work like car safety recalls, says US cyber boss
• Microsoft is a national security threat, says ex-White House cyber policy director

He didn't mince words on the state of cybersecurity in the US, highlighting concerns about recent reports of cyber intrusions targeting US telecommunications systems.

How well that message is being received is unclear. Verizon - one of the group of US telecom providers breached by the Beijing-linked Salt Typhoon crew - has been handed a deal to upgrade cellular networks on 35 US Air Force bases.

Moreover, Microsoft, which supplies myriad government agencies, has been slammed by US cyber officials for lax security that allowed a China-linked group to breach Exchange Online and access the emails of senior government officials, but contract cash keeps flowing to Redmond, too.

President-elect Trump is yet to name the next ONCD Director. Whoever gets the gig will be busy. ®