| After a 60-day review of the nation’s cybersecurity program conducted by Melissa Hathaway, Cybersecurity Chief at the National Security Council, the President is preparing to name a so-called cybersecurity coordinator who will direct national security policy from the White House.
The cybersecurity coordinator will serve as a member of the National Security Council and National Economic Council. He or she will work with other agencies and departments, including the Office of Management and Budget and the Homeland Security Department. In addition the job description for this new post calls for the coordinator to create an effective information sharing and incident response capability both within the government and the privately owned infrastructure; and encourage research and development to ensure security and reliability in future generations of information technology.
In theory at least an effective cybersecurity coordinator could go a long way in furthering the President’s stated goal of treating the nation’s digital infrastructure as a national asset whose security will be a national priority. In fact, however, that whoever ends up in this slot is going up against nearly impossible odds.
Understand that Washington is already thick with cybersecurity chiefs. Start with the military brass that run the National Security Agency (NSA). They’re the big dogs in this arena. Among NSA’s responsibilities: protect U.S. government communications and information systems from similar agencies elsewhere.
Then we have something called the National Intelligence Program (NIP), which had a budget in 2008 of $47 billion. The NIP is headed by the Director of National Intelligence (DNI), currently Admiral (Ret.) Dennis C. Blair. Blair, like the new coordinator, is a member of the National Security Council. Note that part of NIP’s charter is to build a diverse intelligence workforce for the Nation that collaborates across professional disciplines and intelligence agencies.
Of course,,the FBI has cybersecurity boss, Shawn Henry as do the Air Force and Army Brigadier General Steven Smith, the Army's chief cybersecurity officer is establishing a new cyber taskforce. Also. with attempts to attack DOD networks having more than doubled recently Secretary of Defense Robert Gates has announced plan to more than quadruple DOD’s cyber-security force.
I almost forgot Homeland Security; it had a cyber security boss, but the position is currently vacant. And naturally the new federal CTO and CIO’s responsibilities include ensuring information security.
So what are the problems? Let’s start with too many chefs -- way too many chefs -- and too many disparate cybersecurity operations, many of which are likely overlapping in their efforts. Many of the cybersecurity operations also rely heavily on contractors, or at least they did in the past. One lesson learned from the Bush Administration: outsourcing cybersecurity activities isn’t necessary the best way to go.
Two, leverage. In Washington, you’re only as powerful as your boss, or your boss’s boss. The coordinator will work out of the White House, but does not report to the President. Even if he/she has access to the Oval Office – and Obama has said that will be the case --, that doesn’t necessarily give the coordinator the clout to create the collaboration the President is seeking.
Three: The they don’t play well with others syndrome. Presumably, the coordinator will try to ensure that all those with a stake in cybersecurity are on the same page, or at least reading from the same book. Good luck with that. I mentioned that the Homeland Security job was vacant. That’s because Rod Beckstrom, formerly director of the National Cyber Security Center (NCSC), part of Homeland Security, resigned in early March after less than a year in office. His job was to protect civilian, military and intelligence networks,.but he quit because he claimed NSA was making a power play to take over all national security efforts.
So what’s this new guy supposed to do, drop by NSA or DOD and say, “Hey, guys, what’s up? Can you tell me a little but about that new encryption software you’re buying?” In order to fight the cyber wars effectively, we’ve got to end the turf wars in Washington. It’s going to take more than a cybersecurity coordinator to begin bringing that about.
Only registered users can write comments.
Please login or register. |
