McAuliffe touts buildup of cyber defenses in the states

McAuliffe touts buildup of cyber defenses in the states
© Getty

One year ago, Virginia Gov. Terry McAuliffe (D) rolled out his plan to boost the cybersecurity of state governments, a move that came months before revelations about Russian election interference in the 2016 election.

As chair of the National Governors Association, McAuliffe worked to bring states “up to snuff” on cyber defense, he told The Hill in an interview as 46 states capped off the initiative at a meeting in Leesburg, Va. 

“When we started out in this process, we probably had a handful of states really doing exceptional work, and some of the states were doing mediocre work, and a lot of states really had not anything in the cyber area,” McAuliffe said.   


“These states are totally different as it relates to cyber from when we started this program,” he said. “Every governor is now acutely aware of the challenges.” 

During the yearlong push, McAuliffe and his leadership set up a cyber resource center, hosted regional summits and brought in experts from inside the government — including the Department of Homeland Security and the FBI — to speak to the governors about cybersecurity.

Each state was also rated at the start on a series of cyber protocols — something that McAuliffe said was a wakeup call for many governors. “Many of the states just hadn’t done anything,” he said.

Now, McAuliffe says that each state has met a set of basic minimums for cybersecurity — but many have more progress to make, including bolstering the cyber workforce to keep up with a growing demand for IT professionals in the modern digital age. 

“Many states have a long way to go before they even get to the workforce issue,” McAuliffe said. “They’re just trying to deal with the basic infrastructure costs.”

McAuliffe is serving his final months as Virginia’s governor. He would not give credence to speculation he could run for president in 2020. Both Politico and the Washington Examiner ran stories this month raising the possibility of a potential bid from the longtime ally of Bill and Hillary ClintonHillary Diane Rodham ClintonJeff Flake: Republicans 'should hold the same position' on SCOTUS vacancy as 2016 Momentum growing among Republicans for Supreme Court vote before Election Day Warning signs flash for Lindsey Graham in South Carolina MORE.

“I tell everybody the same thing. I’m finishing up here strong as governor, we’ve got a great track record going. I want to finish the next seven months strong,” McAuliffe said. “I have no intentions of running for president — but they keep writing the stories.”

Before leaving the governor’s mansion, McAuliffe said he intends to pass a resolution at the NGA summer meeting in Rhode Island next month to ensure the cybersecurity initiative continues.

‘No direction’ from Congress

It’s not just states that need to do better, McAuliffe warned, taking aim at Congress for providing little comprehensive direction on cybersecurity. 

“We don’t get direction — any direction at all — from Washington on cybersecurity,” McAuliffe said. “The states, we’re leading ourselves.”

Several members of Congress have focused on cybersecurity in the wake of high-profile intrusions and attacks, including the massive breach of sensitive data at the Office of Personnel Management (OPM) disclosed in 2015. Subsequent incidents, such as the global “Wanna Cry” ransomware attack in May, have put the spotlight on the rapid evolution of cyber threats.

Lawmakers have made progress on some cyber legislation, including a bill to help agencies discard aging IT infrastructure to install modern, more secure systems. 

But McAuliffe argued that there needs to be comprehensive cybersecurity legislation coming out of Washington, along with the designation of a single committee with jurisdiction over cyber issues.

Currently, cyber spans several different panels in the House and Senate, including those with oversight of DHS, the Pentagon and the intelligence community.

Trump ‘needs to lead’

The Virginia Democrat stopped short of criticizing the Trump administration for its efforts on cybersecurity thus far. 

President Trump drew praise from many lawmakers and the private sector for his long-awaited cybersecurity executive order signed in May, but prompted a flurry of critical media coverage for missing a self-imposed deadline for an anti-hacking plan within 90 days of taking office.

“I am happy to see that an executive order was done,” McAuliffe said. “But, you know, that’s just throwing a pebble into the ocean.

“These are big, complex global issues that we’re all trying to deal with, and the president needs to lead on this,” he continued. 

Russia committed ‘act of war’ 

Much of the cybersecurity action in Washington has been viewed in the context of the ongoing investigations into Russian election interference, a matter that has dogged Trump since he took office.

The saga entered a new chapter when ousted FBI Director James Comey testifying that Trump directed him to let go of the investigation into Michael Flynn, who resigned as national security adviser following revelations about his contacts with the Russian ambassador. Robert Mueller, the special counsel now leading the investigation, is reportedly investigating possible obstruction of justice.

The issue has extended to the states, too, given the intelligence community’s conclusion that Russian intelligence accessed elements of state and local electoral boards. Bloomberg reported on Tuesday that Russian hackers targeted systems in 39 states, much wider than has been publicly acknowledged.

“Clearly, the Russians tried to undermine our democracy. I think that is very clear. They wanted to destabilize our government. This is, to me, an act of war,” McAuliffe said. 

“There needs to be action taken against Russia,” he added, signaling support for a Russia sanctions deal that cleared the Senate on Thursday. 

McAuliffe would not say whether he believes associates of the president coordinated with Moscow, holding out for the results of the investigation.

“I will say this — somebody had to give a roadmap to the Russians. They’re not sitting over in some basement drinking vodka in Russia figuring out how to do this,” McAuliffe said. “I just hope the investigation will lead us to how this happened and who was involved in it because in my mind, it’s treason.”