In Depth

Cybersecurity Crossroads: Will White House Czar Choose the Right Path?

President Obama is set to name a new cybersecurity czar with unprecedented access to the Oval Office. The move will please some security pros, but frustrate others who think government is already in too deep.

By Bill Brenner, Senior Editor

Page 2

The latter example is what worries those who have looked over the legislation kicking around Congress. Some worry that deeper federal control over cybersecurity could lead to what one might call Red Tape 2.0. The concept of having to "cut through the red tape" dates back to the Civil War, when official government documents bound by red twine tape moved slowly through the bureaucracy. Some of those polled by CSOonline worry about the red tape clogging the gears of cyberspace, especially when one considers the government's troubles securing its own online infrastructure. There are also those who believe the government simply shouldn't have its hand in areas beyond its control.

"Government needs to play a guiding and regulating role, and not necessarily be the end all be all of security," Justin Hornberger, Chinese cyber analyst at Spiral Solutions and Technologies Inc., wrote in a discussion thread on LinkedIn's CYBER WARFARE Forum Initiative (CWFI) group. "There are too many private functions that the government should not be privy too, and does the government really want the onus to be on them if a private electric company has some equipment destroyed because they dropped the ball?"

But the vast majority of those polled agree the government must play a greater role in online security.

"To which extent would our government help our private sector fulfill the responsibility of securing cyberspace? By fostering IT security training within the private sector, by creating regulations, standards and incentives to help the software industry clean their code, by working side-by-side with the private sector when performing cyber exercises," AT&T Chief Security Engineer Paul V de Souza wrote in the same discussion thread. "We all have to keep in mind that our National Security must never be compromised, no matter how innovative we want to be, security must always be present and I believe that our government must lead the way by example."

On the same forum, Hank Hernandez, executive BD/Capture consultant at Syndetics Inc. and president/CEO at The Vyndicar Group Inc., wrote, "One way our government can help our private section fulfill the shared responsibility of securing cyberspace is to apply the power of federal procurement and incentives to cause IT providers to deliver safer, more secure IT applications and systems. By focusing on the guiding, regulating and orchestrating roles, the slow responding hand of government can enable swift response by industry and individuals."

Silverstone's view is that while there is a stronger role for the White House to play, more legislating isn't exactly necessary.