DHS Cybersecurity: The Interactive Nightmare

The lead defender in protecting the critical infrastructure is the Department of Homeland Security, a collection of 23 agencies that began operations in January 2003

Whether recruiting has improved is open for debate. James Lewis, senior fellow and director of technology policy at the Center for Strategic & International Studies, says getting talented people to join DHS is still a tough sell. "The problem they have is that DHS is relatively weak, as agencies go. It routinely gets beaten out by the FBI or CIA.... It's the new kid on the block," he says.

On the other hand, Alan Paller, director of research at the SANS Institute, believes Yoran has nabbed a bunch of good hires. "They're building a high-quality technical team—that's what Amit is doing. He knows how to hire really solid technical people and motivate them," Paller says, adding that employees like working with Yoran because, rather than being an inexperienced appointee, he comes from a cybersecurity background. (Yoran, a former military officer, worked at Symantec before joining DHS.)

As the agency struggled to begin operations, it also had to absorb the loss of Clarke, one of the country's foremost cyberterrorism experts. Clarke resigned just before the president removed the position of cybersecurity czar from the White House. Although many observers speculated that Clarke resigned in frustration at the loss of his White House post, he vehemently denies that. "I was not about to be absorbed—anybody that says that doesn't know what they're talking about." Clarke, now chairman of Good Harbor Consulting, says he left "because I'd completed 30 years of government service, because I'd just finished the project I had undertaken for the president, which was developing the National Strategy to Secure Cyberspace."

Howard Schmidt, the former CSO of Microsoft and vice chair of the infrastructure board at the time, succeeded Clarke as a White House adviser on cybersecurity. But within a few months, Schmidt resigned as well, becoming CISO of eBay.

After a long search, DHS Secretary Tom Ridge appointed Yoran to head the new National Cyber Security Division. Yoran, who reports to Assistant Secretary for Infrastructure Protection Bob Liscouski, took office in October.

Even though Yoran has been crowned the new cybersecurity czar, critics worry his kingdom has lost some power. The departures of Clarke and Schmidt and the removal of the cybersecurity position from the White House prompted questions about the administration's commitment to the issue. Clarke himself believes cybersecurity has fallen somewhat off the administration's radar. "Basically, what we've done is taken the former position we had until a year ago—where the senior person worrying about cybersecurity was a special adviser—and now that person is an office director," Clarke says. "That sent a message that was very widely interpreted by industry of the administration downgrading the importance of the issue."