DHS reorganization creates new cybersecurity position
The move could mean more focus on cybersecurity issues
Chertoff, in the results of a review of the DHS structure he started after taking over as secretary in February, elevated the cybersecurity chief at the DHS several levels on the agency's organizational chart by creating a position of assistant secretary for cyber and telecommunications security. Several tech-oriented trade groups, including the Information Technology Association of America (ITAA) and the Cyber Security Industry Alliance, have repeatedly called for an assistant secretary to raise the profile of cybersecurity issues at the DHS.
The DHS did not release information about when it expected to have an assistant secretary in place.
An assistant secretary will have the authority to set policy and pull private industry into collaborations with government, ITAA President Harris Miller said recently. "The proof of the pudding is in the eating," Miller said. "Have we made enough progress yet in those areas? The clear answer is no."
IT groups have also suggested that a higher-level position with more authority would stop high turnover among government cybersecurity chiefs. The last DHS cybersecurity director, Amit Yoran, lasted about a year on the job.
Miller applauded Chertoff's decision to create the new position. Four bills introduced in Congress this year had also called on the DHS to create an assistant secretary of cybersecurity.
The DHS, when it was created in January 2003, didn't "give adequate focus" to cybersecurity, Miller said. He said the assistant secretary should establish lines of communication between government and private industry. In many cases, private industry sees cyberattacks sooner than government agencies do, he said, and there needs to be a "sophisticated, real-time, highly trusted" information-sharing mechanism between government and private companies.
An assistant secretary will be able to tie together several cybersecurity efforts within government, added Jack Danahy, CEO of Ounce Labs Inc., an IT security vendor. "Now there will be one voice telling the industry what government wants to do," said Danahy, who serves on a software security working group at DHS.
But some security experts have questioned the value of an assistant secretary, saying that without greater leadership from the top levels of the Bush administration, a new position may not improve cybersecurity much.
"If you don't have a strategy, does it matter what you call them?" said James Lewis, director of the Technology and Public Policy Program at the Center for Strategic & International Studies, a Washington think tank. "Can you think of an assistant secretary who's an advocate in Washington?"
Lewis suggested "no" is the correct answer to both questions. He acknowledged, in a recent interview, that on a symbolic level, a higher-level position could raise the profile of cybersecurity issues, but in practice, "I don't know if it makes much of a difference."
Chertoff's reorganization includes a number of other changes at the DHS, including the hiring of a chief medical officer to address medical preparedness, and the assignment of chief intelligence officer duties to the DHS assistant secretary for information analysis. Chertoff noted in a speech that the DHS has 10 intelligence-generating offices, and the role of the chief intelligence officer will be to coordinate all DHS intelligence.
This pilot fish is a contractor at a military base, working on some very cool fire-control systems for tanks. But when he spots something obviously wrong during a live-fire test, he can't get the firing-range commander's attention.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Reduce federal infrastructure risk with compliance management and situational awareness
- IBM continuous monitoring and management solutions deliver real-time situational awareness to help federal agencies understand vulnerabilities, and protect the infrastructure.
- Budd Van Lines Moves Data Closer to Home
- Shipping and logistics company Budd Van Lines uses Infinio to improve performance on their VDI environment. The company employs a virtualized datacenter based...
- Storage Performance with Cost Control
- As IT groups expand their server virtualization initiatives, central storage performance can become the bottleneck and create poor end user experience.
- Server-side Caching for the VMware Admin
- vExpert David Davis weights in on how best-in-class server-side caching solutions can drastically improve storage performance and reduce latency without the addition of...
- Move Mission-Critical Apps to the Cloud with AWS and F5
- Read this paper to learn about adoption inhibitors of the cloud, potential solutions, and how advanced Application Delivery Controller (ADC) technologies are critical... All Government IT White Papers
- What Does it Take to Deliver a Superior Customer Experience? The Two Top-Rated Online Retailers, B&H Photo and Crutchfield Electronics, Share Their Secrets Discuss practical CX tools and service methods such as contact center agents and the use of realtime speech analytics to help contact center...
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their...
- DevOps with PureApplication System: Reduce cost and speed delivery with an integrated IBM Cloud solution Join this webcast to hear what ING Netherlands has been able to achieve while deploying DevOps tools from IBM Rational. An ING executive...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- All Government IT Webcasts