If confirmed, DHS nominee to continue with cybersecurity initiatives
Jeh Johnson intends to generally stick to Obama administration's cybersecurity initiatives
October 18, 2013 — CSO — If confirmed, Jeh Johnson, the former high-ranking Pentagon official nominated Friday to head the Department of Homeland Security, is not expected to bring much change to the Obama administration's cybersecurity initiatives.
President Barack Obama chose Johnson in part because of his managerial experience as general counsel of the Department of Defense, where he managed 10,000 military and civilian lawyers all over the world with a staff of 100. Johnson will need Senate confirmation to start his new job.
The ability to manage a sprawling bureaucracy is certainly a requirement for DHS secretary. The agency, formed in the wake of the 9/11 terrorist attack in New York, has 10s of thousands of employees and comprises more than a dozen agencies, from the Secret Service and Immigration and Customs Enforcement (ICE) to the Federal Emergency Management Agency.
"Jeh (pronounced "Jay") Johnson brings considerable DOD experience to this job," Stewart Baker, former assistant secretary for policy at DHS, told CSOonline.
"Since the organizational challenges at DHS are exceeded only by the challenges of running DOD, Johnson's on-the-job training at DOD will serve him well."
Johnson's high-profile accomplishments as chief lawyer for the Pentagon during the first term of the Obama administration included his legal authority over all drone strikes and his advocacy for allowing gays to serve openly in the military.
Because the administration has already set cybersecurity policy, Johnson is expected to leave the execution to others.
"He'll certainly appreciate the importance of cybersecurity as an issue, but I think it's too soon to say that he'll take a different approach," Baker said.
"DHS's challenges there are much more about execution than about policy, so I wouldn't expect a great change."
Obama issued an executive order in February that put into play those cybersecurity initiatives that do not need congressional approval. Key elements of the order included a Cybersecurity Framework for setting standards to mitigate risks and having government agencies share cyberattack information with the private sector.
Regulations that would make private sector participation mandatory would have to come from Congress, which is considering several proposals. The DHS plays an important role in advising lawmakers on the administration's positions.
Like his predecessor Janet Napolitano, Johnson is expected to make national cybersecurity a top priority at DHS. Napolitano resigned in September to lead the University of California system.
"Cyber will be among one of his top agenda items, no doubt," James Forest, director of the Graduate Program in Security Studies at the University of Massachusetts, Lowell, said.