Axios has a story about how the White House is gutting the CISO staff put into place in the wake of the 2014 APT 29 operation in which Russia targeted the White House. The story is based off the October 17 resignation letter of Dimitrios Vastakis, who was in charge of White House computer network defense, which describes how hostility towards CISO staff has led most of the senior people to resign.
What Axios doesn’t describe, however, is Vastakis’ expressed concern about the effect: that political appointees will be in charge of everything, including compliance with the Presidential Records Act.
I have seen the planned organizational structure for the cybersecurity mission going forward. It essentially transfers the entire mission to the White House Communications Agency (WHCA). All key decision making roles and leadership positions will no longer by [sic] staffed EOP individuals. To me, this is in direct conflict with the recommendations made by the OA Office of General Counsel (OA GC). The main concern of OA GC was the oversight of PRA data and records. Considering the level of network access and privileged capabilities that cybersecurity staff have, it is highly concerning that the entire cybersecurity apparatus is being handed over to non-PRA entities.
That is, it’s not just that Russia will be able to hack the White House again. It’s also that some SysAdmin who knows fuckall about security but who knows how badly Trump needs to suppress or alter key records of his Administration will have the direct access to do that.
In the wake of Trump’s attempt to bury his recent efforts to hide potentially criminal conversations with foreign leaders in a particularly secure server (and in the wake of email or social media retention scandals going back to the first President for whom Bill Barr helped cover up crimes, Poppy Bush), this concern seems unbelievably important.