Cybersecurity gets new attention from the Hill
Legislation would give the cybersecurity coordinator post new power, including budget authority
It was a year ago this month — May 29 to be exact — that President Barack Obama welcomed a standing-room only crowd to the East Room of the White House to announce his administration’s commitment to a comprehensive new approach to cybersecurity.
Declaring that the status quo “no longer is acceptable,” Obama placed a cybersecurity stake in the ground by announcing a number of initiatives, perhaps the most visible of which was creating a new cybersecurity coordinator position to direct national cybersecurity policy from the White House. The new policy and the ceremony itself were greeted by many as an important victory — a sign that a serious and escalating concern had at last won the attention of the nation’s president.
Obama to revamp cybersecurity policy, will name coordinator
Proposed Office of Cyberspace would come with budget authority
But as the ceremony concluded, and the crowd of government and industry officials dispersed through the White House gates, a series of nagging questions were left hanging. The most worrisome was: How could a new cybersecurity coordinator be effective without budget authority — not to mention needing to serve competing masters by reporting to both the National Security Council and the National Economic Council?
Not surprisingly, it took White House officials six months to find someone with the necessary background and suitable political credentials to take the cybersecurity reins. By most measures, the White House’s choice of Howard Schmidt, named to the position last Dec. 21, has been broadly applauded. However, the lack of a budgetary stick and the need for greater authority continued to undermine Schmidt’s role.
That’s why we welcome the news of legislation introduced May 6 by Reps. Jim Langevin, (D-R.I.) and Michael McCaul, (R-Texas). The Executive Cyberspace Authorities Act of 2010 would make the cybersecurity coordinator a permanent, presidentially appointed, Senate-confirmed position, named the director of the National Cyberspace Office. More importantly, agencies would need to submit their cybersecurity budgets — along with threat analyses, cybersecurity plans and other key reports — to the cybersecurity director for approval before the budgets go to the Office of Management and Budget for inclusion in the president's budget proposal. The director also would gain authority to coordinate with the National Institute of Standards and Technology to set standards, develop and oversee cybersecurity policies, and coordinate IT security training in government.
More good news came from the Hill with the Senate’s long overdue confirmation May 7 of National Security Agency Director Lt. Gen. Keith Alexander to lead the Cyber Command. The confirmation process has held all kinds of military cybersecurity decisions in limbo since the command was announced last year.
Here’s hoping the new legislation — and Alexander — get the respective traction they need to address the serious cyber threats ahead.
Wyatt Kash served as chief editor of GCN (October 2004 to August 2010) and also of Defense Systems (January 2009 to August 2010). He currently serves as Content Director and Editor at Large of 1105 Media.