The nascent Office of the National Cyber Director at the White House is gaining some serious reinforcements with the addition of three new deputies, including Kemba Eneas Walden, a highly experienced cybersecurity attorney who led the anti-ransomware effort at Microsoft’s Digital Crimes Unit.
National Cyber Director Chris Inglis announced Tuesday the addition of Walden as principal deputy national cyber director, along with Neal Higgins and Rob Knake as deputy national cyber directors. Higgins, who will focus on overall national cybersecurity issues, moves to the White House from CIA, where he oversaw the agency’s cyber operations, secure global communications, and data science programs. Knake will oversee the ONCD’s budget and strategy, and like Walden and Higgins, has long experience in the federal government, having served in the Department of Homeland Security and the National Security Council during the Obama administration.
Since he took office in July 2021, Inglis has been emphasizing the need for more personnel in the ONCD to help coordinate the country’s cyber defense efforts. Inglis is the first person to hold the title of national cyber director and has been vocal about the need to expand the office’s capabilities. Adding people with the depth and breadth of experience of Waldem, Higgins, and Knake will go a long way toward accomplishing that goal.
“As we continue to build this new office, the additions of Kemba, Neal, and Rob will accelerate our efforts to protect Americans in cyberspace,” said Inglis. “Each of these leaders brings impressive experience in cybersecurity policy making to our team, and their diverse perspectives will be invaluable as we strengthen our collective defense.”
The addition of Walden is a significant one, as she brings quite a bit of experience combatting what has become one of the more pernicious threats to national security: ransomware. The Microsoft DCU’s anti-ransomware program is one of the more active such groups in the industry, and has used both technical and legal means to help disrupt ransomware operations. In 2020, the DCU helped to disrupt the Trickbot malware network, which is closely associated with the Ryuk ransomware operation. That effort included the takeover of several command-and-control domains and a copyright claim for the unauthorized use of Microsoft’s software.
Ransomware has evolved from an annoyance for individual users a few years ago into the massive national security priority it now is. Just this week, the government of Costa Rica declared a national emergency following an attack by the Conti ransomware group last month. That attack affected the country’s tax and customs platforms, along with other systems.
The Biden administration has made cybersecurity in general and ransomware specifically top priorities. Last year, the federal government formed a ransomware task force as well as a National Cryptocurrency Enforcement Team charged with disrupting payments to ransomware groups.
“Cryptocurrencies and ransomware are inextricably linked. You can't disaggregate the challenge here. They come hand in glove,” Deputy Attorney General Lisa Monaco said in October.
“That’s why we’re targeting the ecosystem that supports the ransomware economy. We’re going after the entire criminal supply chain.”
Walden, Higgins, and Knake join Inglis and Chris DeRusha, the federal CISO and deputy national cyber director for federal cybersecurity, who joined the White House in October.