Internaut | Problems won't wait for a cybersecurity czar
Shawn P. McCarthy
The Department of Homeland Security is dealing with a critical mass of security issues at the moment, and the absence of an assistant secretary for cybersecurity and telecommunications is becoming increasingly troublesome. The appointment of this so-called cybersecurity czar is reportedly in the works, but it's been over a year since that position was created.
Concern over lack of progress for the appointment has grown strong enough that even the co-chairman of the House Homeland Security Committee, Rep. Bernie Thompson (D-Miss.), has expressed frustration. And the Business Software Alliance, whose membership includes many of the most popular names in the IT industry, has sent a letter to Homeland Security secretary Michael Chertoff.
Why, in real terms, is there so much hand-wringing? Here are some reasons it's important to get someone in this position quickly'someone who understands not only national security threats, but also the pressing issues faced by government data centers.
- System consolidation. As agencies consolidate many of their operations into shared systems and centers of excellence, more data than ever is being transferred through government networks. The need for better security is paramount. And as more enterprise architecture models are created, it's important that security considerations be included as part of these models when they are developed.
- Homeland Security Presidential Directive 12. This 'policy for a common identification standard for federal employees and contractors' is already generating a host of new card readers, new tracking systems and new data stores. All of this needs to be protected in a standardized way to ensure that best practices are maintained. But several agencies have admitted to having interoperability issues and lack of standardization. Deadlines have already slipped. The Office of Management and Budget is hoping for standardized ID cards to be issued by October, but that may slip too. Security will remain at risk until a way is found to better coordinate the various agency task forces now working on solutions. Direction needs to come from the top.
- $400 million in new Homeland Security grants. Previously, about 10 percent of typical DHS grants would be channeled into IT infrastructure improvement. The remaining amount usually went toward physical security, equipment purchases and personnel costs. The newest round of grants is specifically aimed at protecting critical infrastructure. This often means new systems and data-sharing initiatives, which in turn means protecting new networks, applications and storage systems. It's likely that 18 percent or more of this grant money will have some type of hardware, software or IT service component.
Increased border security. As networks of sensors are deployed along U.S. borders, a great deal of new data will be generated. One of the favorite new tools: a video screen that turns white when motion is static. It then shows only new changes if motion is detected. But like all data, these networks need to be protected from hackers and malicious code.
Clearly there is a rising tide of new systems and new security concerns for DHS to consider under its cybersecurity umbrella, and having a director in place to handle this challenge can't happen soon enough.Former GCN writer Shawn P. McCarthy is senior analyst and program manager for IDC Government Insights of McLean, Va. E-mail him at email@example.com.
Shawn McCarthy, a former writer for GCN, is senior analyst and program manager for government IT opportunities at IDC.