Cybersecurity Crossroads: Will White House Czar Choose the Right Path?
President Obama is set to name a new cybersecurity czar with unprecedented access to the Oval Office. The move will please some security pros, but frustrate others who think government is already in too deep.
By Bill Brenner , Senior Editor
May 28, 2009 — CSO —
In his 1981 inaugural address, President Ronald Reagan declared that government is not the solution to our problems, but that "government is the problem."
Fast-forward to 2009: A new president is in town who believes government can solve some of our problems, including cybersecurity. And he's getting ready to make some announcements on the matter.
Tomorrow the White House is expected to release the details of a 60-day cybersecurity review led by Melissa Hathaway, acting senior director for cyberspace for the National Security and Homeland Security Councils [Related: Why the Top U.S. Cyber Official is Losing Sleep]. Meanwhile, President Barack Obama is set to name a new cybersecurity czar who will have unprecedented access to the Oval Office. Potential candidates for the post include Hathaway and Paul Kurtz, former special assistant to President George W. Bush and senior director for critical infrastructure protection on the White House's Homeland Security Council.
All this comes as a bill sits in Congress that would give the feds greater cybersecurity enforcement power over the private sector.
The latter item has already sparked healthy debate among security practitioners, as seen in one of our recent articles, "Federalizing Cybersecurity: Necessary or Nitwitted?"
If a recent CSOonline poll of security practitioners via social networking sites like Linkedin, Facebook and Twitter are any indication, the debate over government's cybersecurity role is about to intensify.
Let's start with this week's activity at the White House.
On this security pros appear hopeful, including Atlanta-based Ariel Silverstone, a veteran of the Israeli Defense Forces with experience in physical and information security whose consultancy has included such clients as USAA, Chase Manhattan, Citibank, GTE, General Motors, Ford Motor Company and Vanguard Funds.
He thinks a new White House-based cybersecurity czar is a step in the right direction. At the very least, he said, one is needed to reign in federal agencies who have a history of not playing nicely together.
"Turf wars are a fact of life, from the Department of Interior to the Department of Defense," Silverstone said. "Putting all the responsibility for online security in the hands of the Department of Homeland Security is a mistake, because other agencies can shrug off cybersecurity as DHS's problem. Obama is doing the right thing by making this a report-directly-to-him position. That needs to happen to force more inter-agency cooperation."
Silverstone covered this and other issues in a paper he recently wrote and released, "A Strategy to Secure the Federal Cyberspace."
But there's also concern in security circles that it will be nearly impossible for such a cybersecurity czar to get things done. Sure, that person could end or at least lessen inter-agency squabbles over control, but he/she could also get crushed between the cogs that make up the slow-moving federal bureaucracy.