Presidential candidate Joseph Biden’s campaign has hired a cybersecurity veteran and former top official in the Department of Homeland Security (DHS) to fortify its systems and networks against cyber attackers.
Biden’s new chief information security officer (CISO) is Chris DeRusha, who currently serves in a similar role for the state of Michigan. In addition to his DHS stint, DeRusha also holds private industry experience as head of Ford Motor’s enterprise vulnerability management program.
The Democrat candidate’s campaign has also hired Jacky Chang, a veteran Silicon Valley software engineer, as its new chief technology officer (CTO), charging her with managing its network infrastructure and overseeing a product development group homed in on political-related software. In her current role, Chang sources and evaluates technical projects focused on social impact at Schmidt Futures. Her background also includes a senior engineer post on Hillary Clinton’s 2016 campaign.
“Biden for President takes cybersecurity seriously and is proud to have hired high-quality personnel with a diverse breadth of experience, knowledge, and expertise to ensure our campaign remains secure,” the campaign said. “Jacky and Chris will be central to strengthening the infrastructure we’ve built to mitigate cyber threats, bolster our voter protection efforts, and enhance the overall efficiency and security of the entire campaign.”
In Senate Homeland Security Committee hearings last February, DeRusha advocated for more federal assistance to shore up state and local government cybersecurity defenses. “Our country’s state and local governments are on the front lines of today’s digital conflict, attacked daily by highly resourced advanced persistent threats, and there remains a great deal of work in order to secure the networks we rely on to provide essential services to the public,” he said. (via WP)
Biden’s team has already posted job applications to flesh out DeRusha’s staff, searching for a senior cloud security architect and a senior cyber incident response/threat analyst among other positions.
The CTO post previously included cybersecurity duties but after the departure of former Biden CTO Dan Woods it was split into two roles, the Washington Post reported. Campaign officials view building out a dedicated cybersecurity team as a necessity heading into the general election in November. Cybersecurity chiefs so far have been rare hires for political campaigns. In the Democratic primaries, only Major Pete Buttigieg had a CISO on staff but that relationship was short-lived. Still, in some ways it’s puzzling why Biden waited this long to hire a cybersecurity leader. With only four months until the presidential election, the campaign has some work to do to shore up its flanks against cyber attacks. For example, in a survey conducted last October by security provider SiteLock, Biden’s operation ranked second to last among the 12 presidential candidates at the time, failing to lock down email security, data privacy and its online presence.
History has shown us that attacks by foreign cyber infiltrators to interfere with a presidential election will only intensify in frequency and virulence from what occurred in 2016. A month ago, Google’s Threat Analysis Group (TAG) warned that Chinese and Iranian cyber operatives have attempted to infiltrate both Biden’s and President Trump’s campaigns with phishing operations. A Biden spokesperson said at the time that the campaign knew that “we would be subject to such attacks and we are prepared for them.”