Anne Neuberger, NSA's director of cybersecurity, to join Joe Biden's National Security Council

Image courtesy of the NSA

President-elect Joe Biden has tapped Anne Neuberger for the cybersecurity slot on the National Security Council (NSC). Neuberger, who joined the NSA more than a decade ago and has been serving as the agency’s director of cybersecurity since 2019, will be named deputy national security adviser for cybersecurity in the incoming NSC, according to Politico.

At the NSA, Neuberger was responsible for directing the agency's cybersecurity mission. Prior to her role as Director, she led NSA’s Election Security effort and served as Assistant Deputy Director of NSA’s Operations Directorate, where she led NSA’s foreign intelligence and cybersecurity operations.

Her previous roles also include NSA’s first Chief Risk Officer; Director of NSA’s Commercial Solutions Center; the Navy’s Deputy Chief Management Officer; and a White House Fellow, working for Secretary of Defense Robert Gates. Prior to joining government service, Anne was Senior Vice President of Operations at American Stock Transfer & Trust Company (AST), where she was responsible for directing operations, including dividend distributions, complex mergers, and acquisition processing for approximately 2,000 publicly traded companies.

Neuberger will be the first to serve in this newly created cybersecurity role within the NSC. Sources told Politico that Neuberger will be in charge of coordinating cybersecurity operations across the federal government and all its agencies and departments. Her first task may be responding to the massive cyberespionage campaign, which officials suspect was carried out by Russian threat actors.

Commenting on the news, Yaniv Bar-Dayan, CEO and co-founder at Vulcan Cyber, a remediation intelligence provider, notes that federal cybersecurity leadership has never been more critical to the defense of the United States as traditional warfare continues to shift to a digital theater.

Bar-Dayan says, "Since the discovery of the SolarWinds hack, the spotlight has never been more focused on our shortcomings as an industry. We need to do more and we need to do better. We are pleased to see a candidate with a background in both traditional military operations and IT, both of which are essential to implementing effective cybersecurity and defense. But the United States government, and the cybersecurity industry as a whole, need to change the status quo to effectively protect our government data and digital infrastructure. The appointment of Anne Neuberger to the National Security Council is an excellent choice, but it is just the start.”

Timur Kovalev, chief technology officer at Untangle, a provider of comprehensive network security for SMBs, points out that the hiring of Neuberger signals that the new government is making cybersecurity a focal point, especially after the Sunburst attack.

"The recent media coverage of this attack has raised awareness of what can be at stake as victims were found to be US federal agencies such as the Department of Homeland Security, parts of the Pentagon and five branches of the US military. While the Sunburst attack has been stopped at the source, we still don’t know where the attack is still causing harm due to its spread before it was blocked, " says Kovalev. "Cybersecurity has become a mainstream issue that needs to be addressed at the highest levels in order to make sure the US is protected. The attacks will keep coming through 2021 and beyond. It is paramount that our elected officials take these attacks seriously, bringing in the right people for the job, and putting in place measures to block them.”

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.