October 25, 2019
Press Release

WASHINGTON – Today, Congressman Ted W. Lieu (D-Los Angeles County) sent a letter to White House Chief of Staff Mick Mulvaney raising concerns over an Axios report that 12 senior White House cybersecurity officials have left or have been forced out of their roles. These White House employees were charged with protecting the White House and President from hacking efforts. The weakening of their office, the Office of the Chief Information Security Officer, could jeopardize national security.

In the letter, Mr. Lieu writes:

Dear Mr. Mulvaney:

I write with great concern about recent reports suggesting that at least 12 senior White House cybersecurity officials have left or been forced out of their roles, potentially weakening the White House’s network defense. An article in Axios on October 23, 2019 details a disturbing memo written by former branch chief for network defense Dimitrios Vastakis, who resigned, and warns that the “White House is posturing itself to be electronically comprised once again.” The article also distressingly says that the White House handed over cybersecurity responsibilities to “non-PRA entities,” referring to the collapse of the Office of the Chief Information Security Officer (OCISO) into another office exempt from the Presidential Records Act.

As you know, OCISO was established in 2014 to defend the White House and the Presidential Information Technology Community network from Russian hacking attempts. Your predecessor expressed concern in his resignation memo that OCISO staff are “systematically being targeted for removal from the Office of the Administration through various means” including “revocation of incentives, reducing the scope of duties, reducing access to programs, revoking access to buildings, and revoking positions with strategic and tactic decision making authorities.”

While the immediate concern of a potential network breach is paramount, cyber infiltration can also result in a long term serious threat to national security. Additionally, the apparent effort to move cybersecurity operations into an office exempt from the Presidential Records Act fits the President’s history of obstructing and hiding transcripts and government business by manipulating internal bureaucratic procedures.

A White House data breach would give our adversaries an untold advantage in almost every foreign policy and national security matter. Therefore, I request answers to the following questions:

  1. Is your office aware of efforts by members of the President’s team to oust career cybersecurity officials without good cause?
  2. Are you taking immediate steps to staff the OCISO with qualified replacements following the mass departure of career employees, as detailed in the aforementioned article?
  3. Why have White House cybersecurity responsibilities been delegated to the Office of the Chief Information Officer (OCIO), which is not covered under the Presidential Records Act?
  4. Will you commit to providing Congress with documents related to the decision to collapse OCISO into the OCIO?
  5. Have you been in contact with intelligence agencies including the Office of the Director of National Intelligence and the National Security Agency about the concerns raised in Mr. Vastakis’ memo?

Thank you for your attention to this matter.


Ted W. Lieu
Member of Congress