TechWeb

Obama, White House To Oversee Cybersecurity Leadership

May 26, 2009 (02:05 PM EDT)

Read the Original Article at http://www.informationweek.com/news/showArticle.jhtml?articleID=217700171


President Barack Obama on Tuesday announced the White House will create a new directorate or position within the executive branch to deal with cybersecurity, under the direction of the national security adviser.

The new cybersecurity directorate or position would be part of a new group of advisers called the national security staff -- consolidated international and homeland security support staff -- that would report to the national security adviser, the president said. As news of government cybersecurity concerns, including intrusions into the power grid and sensitive Air Force technical systems information, reaches a crescendo, experts have increasingly called for better cybersecurity leadership, with many proposing White House roles.

Obama is expected to announce the top post Friday, May 29, following a complete review of the federal government's cybersecurity policies and procedures. It isn't clear what, if any, authority the cybersecurity chief will have over private networks.

"It's the White House that can be the referee, the traffic cop, the carrot and stick, the one trying to make sure the efforts are organized, and that's the right kind of role for a central authority on this subject," Bruce Brody, chief security officer for the Analysis Group, said in a recent interview, when asked about the possibility of more centralized authority for cybersecurity.

Obama said he plans to integrate White House staff supporting national security and homeland security into a uniform "national security staff," which will support all policy activities relating to international and homeland security matters. The staff will report to the national security adviser -- a change that Obama said would end the "artificial divide" between some White House staff.

The Homeland Security Council will continue to be the main organization for interagency deliberation on homeland security issues, he said. The council will also draw support from the White House national security staff.




The national security staff will include new positions for addressing cybersecurity, information sharing on terrorism, border security, and preparedness and response, Obama said in the statement.

Obama also said he plans to keep the position of assistant to the president for homeland security and counterterrorism, which will cover White House advisory duties and allow direct access to the president.

Finally, Obama said that he will create a new Global Engagement Directorate to shape policies around diplomacy, communications, international development and assistance, as well as domestic engagement and outreach.

The White House has also stated that the nation should lead international and domestic efforts to make sure the world's information infrastructures are safe, to invest in the Internet, and to increase collaboration with the private sector and others to protect networks.

Congress has also pushed for a new cybersecurity leadership role in the White House, in recent bills from Sens. Tom Carper, D-Del.; John D. Rockefeller IV, D-W.Va.; and Olympia Snowe, R-Maine.

However, while experts and former officials have almost universally touted the need for more clarity in terms of cybersecurity leadership in government in recent interviews, there's some disagreement over the role of the White House.

"The federal government has the skills, tech, and resolve to attack this cybersecurity problem head on; what it does not have is the organizational unity and a central point of authority that is neither micro-managerial nor laissez-faire," says Greg Garcia, former assistant secretary for cybersecurity and telecommunications under the U.S. Department of Homeland Security. "However, we should be careful about just moving all cybersecurity authority into the White House."

According to The Washington Post, the new position will be one of several announcements made as the Obama administration releases a highly anticipated government cybersecurity report. The White House report, headed up by interim White House cybersecurity adviser Melissa Hathaway, will reportedly define the czar's role as one creating policy and coordinating the cybersecurity roles of federal agencies, though the document won't go into deep specific detail on such touchy issues like whether and how the National Security Agency might be involved in protecting private networks.

Hathaway has served as cybercoordination executive to the director of national intelligence and a cybersecurity adviser to the Obama team, and is reportedly also in the running for the new position.

According to the Post, the White House report will recommend that the White House's Privacy and Civil Liberties Oversight Board be given new members and a mandate to include ensuring privacy rights are considered during the creation of new cybersecurity policy.


InformationWeek Analytics has published an independent analysis on what executives really think about security. Download the report here (registration required).