The White House’s cybersecurity practices might be in trouble – again.
According to Ars Technica, changes to the White House’s information operations and security organizations have left the security in chaos, with many of them resigning. With all these changes and “tumult,” the White House’s network may be at risk for data theft.
These changes took place in July of this year, and have been called more convenient than they are secure; they include dissolving the Office of the Chief Information Security Officer (OCISO), which was created after a data breach in 2014, and placing its duties under the White House Office of the Chief Information Officer. Since then, the Office of Administration at the White House has been “purging information security staffers while responsibility for cybersecurity is outsourced from the streamlined IT operations team,” Ars Technica says.
The changes also sparked hostility among the information security team, which has led to resignations. According to a memo written by White House network defense branch chief Dimitrios Vastakis, who is also leaving, the security team’s incentive pay has been revoked, their scope of duties have been cut, and their access to systems and facilities have been reduced. Vastakis also said that all of these changes, especially the White House moving all of its cybersecurity operations, directly went against the advice of the Trump Administration’s general counsel.
As a result, an uptick in cyberattacks on the White House’s network in the near future wouldn’t be surprising. This is especially concerning with the 2020 election coming up, especially since many political leaders claim they do not want a repeat of the foreign interference of the 2016 election.
“Allowing for a large portion of institutional knowledge to concurrently walk right out the front door seems contrary to the best interests of the mission and the organization as a whole,” Vastakis said in his memo. “Given all the changes I’ve seen in the last three months, I foresee the White House is posturing itself to be electronically compromised once again.”