I've spent the day talking to former colleagues of Biden DHS secretary nominee Alejandro Mayorkas about his work on cybersecurity.
The consensus is that, while he'll be working a lot on immigration, he'll also do great work on cyber.
"Ali is an outstanding choice to be the secretary, and he will really be able to hit the ground running," @SpauldingSez told me. "He was very much involved in some of our most important efforts" as depsec.
Fmr DHS official: "Cyber was probably his #2 [issue] behind immigration."
"Ali was deeply involved in those discussions," said @C_Painter, one of the deal's key architects.
Mayorkas understood that multilateral pressure was "an important leverage point for us.”
Spaulding, who traveled with Mayorkas to Israel to sign an info-sharing deal and to Beijing to work on the IP theft deal, recalled that Mayorkas had been "very active on the international front."
The need for partnerships between DHS and sister agencies overseas has only grown.
Mayorkas was also a great advocate for DHS's cyber defenders in NSC meetings, per colleagues.
Former DHS official: “He was really good about taking the inputs from us at the staff level and then working collaboratively with his peers … to get stuff across the finish line.”
One example: During interagency talks about the cyber incident response directive PPD-41, Mayorkas helped resolve tensions b/w DHS & the FBI.
"We ended that process together and not ... fighting," said one of the former DHS officials, who staffed Mayorkas at a few NSC meetings.
The FBI reached out directly to Mayorkas when the problems arose, and the former official said that the successful approval of PPD-41 was due in part to Mayorkas' conversations with FBI Deputy Director Andrew McCabe.
Referring to Mayorkas' interagency problem-solving, Spaulding said, "I think his background at DOJ" — he was U.S. attorney for CDCA — "gave him a wealth of understanding of how the law enforcement community thought and worked" and "great credibility when he walked in the door."
Inside DHS, Mayorkas "was very supportive of our work," said Greg Touhill, who oversaw the department's 24/7 cyber watch center as asst. secretary for cyber.
"He actually came to visit us, meet with our team and try to better understand what we were facing in the cyber realm."
As Russian hackers disrupted the 2016 election, Mayorkas, like his boss Jeh Johnson, wanted to publish "as much information as we could" to warn Americans, said a former DHS official.
This led to tensions with the White House, which was afraid of politicization accusations.
Eventually, DHS and ODNI secured permission to issue a joint statement about Russian interference.
"I don’t want to put any words in their mouth," the former DHS official said of Johnson and Mayorkas, "but my sense is they would have liked it to be earlier and stronger."
As deputy DHS sec, Mayorkas was very concerned that agency leaders weren't accountable enough for cyber breaches.
He was there for the OPM breach, which led to a rare agency leader resignation.
Mayorkas discussed his concern during a mtg of Obama's 2016 cyber commission.
Spaulding said Mayorkas understood that cyber threats are still novel enough to require senior-level attention.
“Cyber is an issue that can jump up and bite a leader if they don’t pay sufficient attention to it," she told me, "and I think Ali knows that."
Former DHS officials said that Mayorkas is also a great boss.
"He’s a strong family man and recognizes that people have lives outside of the office, which is always nice in the stress of a front-office job like that."
"He was a really good guy, really friendly to talk to."
"Cyber was definitely new to him when he got into the deputy position, but he quickly got up to speed," said one former official. "My sense of him was that he would listen to the experts. … He’ll listen to the folks at CISA ... and carry their message forward."
Spaulding recalled one day when DHS leadership reached a decision that she'd argued against.
She was in the car when her phone rang.
"It's Ali calling to say, 'I know that wasn’t the way you wanted it to go. Are we okay? Are you okay? How are you doing?'"
So, yes, Mayorkas will be focused on immigration — but folks expect him to keep cyber top of mind too.
He's "aware that cybersecurity’s going to be a big issue and has become a top issue for [DHS] to track," a fmr official said. "I think he’s going to weigh that appropriately."
Biden picks Alejandro Mayorkas as DHS secretary, the transition team announces.
Mayorkas focused on cyber as DHS dep sec: info sharing, private sector trust issues, intl partnerships, breach lawsuit chilling effects, & need to reduce duplicative regs & improve agency oversight.
Among other things, Mayorkas led the DHS team that helped negotiate the 2015 deal with China that temporarily ended Beijing's IP theft.
He also helped negotiate the CISA info-sharing law and pushed for what would become the other CISA, the standalone cyber agency.
Cyber gets a prominent mention in Biden team's bio of Mayorkas (whose pick is obv much more significant for non-cyber reasons):
"During his tenure at DHS, he led the implementation of DACA, negotiated cybersecurity and homeland security agreements with foreign governments..."
As I reported last week, Trump can also fire CISA's deputy director and now (presumably) acting director, but he can't fire CISA's third-ranking official, the executive director, a career position that Krebs created specifically for a moment like this. politico.com/news/2020/11/1…
CISA Director Chris Krebs, one of the few Trump administration officials with widespread bipartisan credibility, is reportedly telling people that he expects to be fired by the White House.
Krebs has led election security efforts through 2018 and 2020.
It's hard to overstate the impact that Krebs has had on the government's cybersecurity work over the past several years.
He's been able to steer his agency around the chaos and get things done with external partners who are repulsed by the rest of the Trump administration.
The Trump White House has essentially ignored CISA since it was created in 2018, but now that appears to be changing.
@Bing_Chris, who broke this story, also reported that today's resignation of one of Krebs' top deputies came under White House pressure: reuters.com/article/us-usa…
The FBI is investigating robocalls falsely telling people in several states that they can vote tomorrow if lines today are too long, a senior CISA official told reporters on a briefing call. #ElectionDay
The federal government is not aware of any election technology issues beyond the ones that have been publicly reported, a senior CISA official says.
“What we’ve shared and what’s out there is pretty much the body of knowledge" so far.
1️⃣ Don't panic about the election technology glitches we're seeing.
A malfunction "may slow things down," Krebs told me, and "lines may get a little bit longer," but "that's part of the ‘keep calm, vote on’ [idea] — we want some patience out there."
2️⃣ Election officials are much better prepared for cyber threats than they were in 2016.
"Across the board, we've seen behaviors improve," Krebs said, due in part to better fed/state/local/private-sector coordination.