White House National Cyber Director Harry Coker is preparing to step down from his position as the Biden administration transitions to President-elect Donald Trump’s incoming team.
As the third official to lead the Office of the National Cyber Director, established during Biden’s early presidency to coordinate cyber policy discussions between Congress, the Pentagon, and intelligence agencies, Coker has played a pivotal role in shaping national cybersecurity initiatives.
During his tenure, Coker has overseen various domestic cyber programs, including workforce enhancement, regulatory streamlining, and secure programming practices. On Tuesday, he presented a compelling message for the next administration: America’s cyber defenses need substantial strengthening.
“Our nation faces numerous critical challenges. Current headlines highlight concerning issues like potential infiltration of our critical infrastructure and compromised telecommunications networks,” he stated during a media briefing at the Foundation for Defense of Democracies, a Washington, D.C.-based national security research institution. “We can’t downplay it – there’s significant work ahead of us.”
In his keynote address, Coker reviewed his office’s contributions to U.S. cyber policy during recent years. During a subsequent discussion, he expressed his vision for ONCD to have greater influence over federal cybersecurity funding allocations.
“While providing budget guidance is important, we need to establish concrete budget directives for cybersecurity,” he emphasized. “I hope future administrations, regardless of political affiliation, will prioritize cybersecurity. Every department and agency must embrace this responsibility, and we need to move beyond mere suggestions when it comes to cybersecurity funding.”
This budgetary vision is part of a broader agenda aimed at strengthening national cyber defenses. Federal agencies consistently face threats from cybercriminal organizations and state-sponsored hacking groups. Beyond government entities, private sector companies regularly encounter ransomware attacks and stealthy attempts to compromise their infrastructure.
A key achievement during ONCD’s tenure was the release of a comprehensive national cybersecurity strategy in March 2023. This initiative reflected the Biden administration’s commitment to implementing stronger regulations across critical government sectors to enhance protection against cyber threats. As anticipated, many aspects of this strategy are still in various stages of implementation.
The future direction of ONCD under a Trump administration remains uncertain. Currently, the office continues its efforts to streamline cyber incident reporting requirements for organizations affected by attacks. Additionally, it’s working to implement a skills-based hiring framework for federal cyber positions, scheduled for rollout this summer.
Another significant initiative in progress is the development of a software liability framework designed to ensure software manufacturers are held legally responsible for inadequate security measures.
Regarding how this software framework might align with the incoming administration’s lighter regulatory approach, Coker emphasized the importance of finding equilibrium, stating, “I anticipate we’ll see proposals representing various positions across the spectrum.”
Coker highlighted that certain industry segments have shown particular interest in software liability regulations, especially concerning supply chain vulnerabilities where organizations face breaches due to integrated third-party software components.
During his address, Coker affirmed that the ONCD team “will maintain its commitment to serving the American people with dedication and excellence throughout the Trump administration and beyond.”
Recent discussions among incoming Trump officials and congressional representatives have indicated interest in retaliatory cyber operations, particularly in response to recently uncovered Chinese infiltrations of telecommunications infrastructure.
However, Coker expressed his belief that ONCD’s current scope shouldn’t extend to offensive cyber operations.
“The offensive capabilities are well-established with our existing framework,” Coker explained to reporters when questioned about the office’s involvement in offensive cyber operations. He referenced the NSA, Cyber Command, and other federal entities’ existing digital threat response capabilities.
“Our primary focus needs to remain on defensive cybersecurity measures. We should perfect these aspects before considering additional responsibilities,” he stated. During his presentation, he emphasized the necessity for improved deterrence against Chinese cyber threats through “deterrence by denial,” strengthening cyber defenses to prevent intrusions by Chinese state-affiliated hackers into American systems.
Regarding his personal future plans, Coker indicated he hasn’t actively pursued new opportunities and remains uncertain about his next steps, though he appears to be keeping his options open.
