Cybereye | IT czar could improve cyber security
- By William Jackson
- Nov 24, 2008
When the Commission on Cyber Security for the 44th Presidency releases its recommendations for the President-elect Barack Obama next month, one of them will be that the issue be elevated to the White House and not left with the Homeland Security Department, which is the current lead.
'This needs to be directed out of the Executive Office of the President,' in close cooperation with the National Security Council, Rep. Jim Langevin (D-R.I.), a co-chair of the bipartisan commission, said recently. 'DHS will not be able to handle it at this point,' he said. 'It is still a young, immature agency trying to stand itself up.'
The commission was formed last year by the Center for Strategic and International Studies. It is bipartisan group made up of government officials and industry experts. Langevin's co-chair is Rep. Michael T. McCaul (R-Texas).
Commission member Tom Kellermann, vice president for security awareness with Core Security Technologies, said that 'we are involved in a war of attrition,' in cyberspace, and that the FBI has identified more than 100 countries with military divisions dedicated to developing cyber attack capability. 'In addition to that, organized crime around the world has adopted hacking as a primary business model.'
The United States must adopt a doctrine of deterrence in cyberspace, and 'this necessitates a senior advisor in the White House,' he said.
The incoming administration of President-elect Obama has been receptive to these ideas, Kellermann said, and is expected to have a senior IT security adviser in the White House.
However, not everyone agrees that this is necessary idea, or even a good one. Will Wilkinson, a research fellow at the libertarian Cato Institute, recently said in a commentary article that 'America does not need more czars.'
'Czars and special new offices are mainly political theater -- the equivalent of 'looking busy',' Wilkinson wrote. 'Has a czar ever delivered anything more than the illusion that somebody's got things under control?' He cited inflation czars and drug czars from the Carter and Reagan administrations as notable examples of failures, and called the trend a symptom of dangerous expansion of executive power.
But to simply label a senior cybersecurity adviser a 'czar' and then write him off as political theater is neither fair not realistic. Reagan's drug czar was part of a politically induced hysteria that was from the beginning primarily political theater, much like current anti-terrorism paranoia. But cyber security is emerging as a genuine global threat that is having a real and immediate threat on the online underpinnings of the world's economy, and could be moving into our national security.
Because of its global nature the best place to address the threat is from the White House, which is responsible for foreign policy and international relations. It is essential that DHS be involved at a high level, and the issues will have to be dealt with to some extent in every agency. But a leader with a high profile and real clout across agency boundaries and national borders could be valuable in setting the agenda and directing the response to these challenges.
Obama's adviser would not be the first cyber czar. There also was Richard Clarke, who served in the Clinton administration but left early in the Bush administration. It was another six years before cyber security was elevated to the assistant secretary position in DHS, and in that time the situation has gotten worse, Kellermann said. The country is just now beginning to acknowledge that.
'We have finally gotten a cultural awareness that technology is a double edged sword and it is being used against us,' he said.
William Jackson is a Maryland-based freelance writer.