Obama taps Bush aide Melissa Hathaway to review federal cybersecurity efforts

More

Obama and tech

• Obama outlines cybersecurity plans, cites grave threat to cyberspace
• Obama's new cybersecurity direction wins praise
• Internet warfare: Are we focusing on the wrong things?
• Obama administration said to consider military cybercommand
• Obama taps Melissa Hathaway for federal cybersecurity review
• IT Blogwatch: Obama's CTO is Aneesh Chopra
• New federal CIO Vivek Kundra wants a Web 2.0 government
• Obama's plans for health care IT: Too much money too soon?

More: Obama tech watch

Computerworld - Melissa Hathaway, a Bush administration official who is credited with helping to develop a multibillion-dollar classified initiative aimed at better securing federal systems and critical-infrastructure networks against online threats, has been named by President Barack Obama to lead a 60-day review of the government's cybersecurity efforts.

Hathaway was named acting senior director for cyberspace for the National Security Council as well as the Homeland Security Council. She has been tasked with conducting the governmentwide review of ongoing cybersecurity programs and developing recommendations for ensuring that they are aligned with government and private-sector needs, according to a statement released by the White House this evening.

A story posted online yesterday by The Wall Street Journal, quoting unnamed government sources, said that Hathaway was expected to be chosen to head up a new White House cybersecurity office after the review was completed. The statement about the review from the White House didn't address that possibility.

Hathaway has been working as a cybercoordination executive for the Office of the Director of National Intelligence (download PDF). She chaired a multiagency group called the National Cyber Study Group that was instrumental in developing the Comprehensive National Cyber Security Initiative, which was approved by former President George W. Bush early last year. Since then, she has been in charge of coordinating and monitoring the CNCI's implementation.

Amit Yoran, a former director of the U.S. Department of Homeland Security's National Cyber Security Division, said today that although Hathaway isn't very well known outside of Washington, she is a "known entity" within the federal cybersecurity community.

"She has been really charging and moving forward with CNCI for the past 24 months," said Yoran, who currently is CEO of NetWitness Corp., a vendor of network-traffic analysis tools in Herndon, Va. He also was a member of a commission, set up by the Center for Strategic and International Studies (CSIS) in Washington, that recommended major changes in the federal government's approach to cybersecurity in a report issued in December.

If the reports about Hathaway becoming Obama's cybersecurity chief are correct, she will have "pretty strong leverage" to influence policy and bring together various government entities as part of the CNCI, Yoran said. Her immediate assignment to review the work that has been done thus far as part of the initiative and other cybersecurity programs is a good idea, he added.

"Just because she has been managing it doesn't mean the direction she has taken shouldn't be reviewed," he said. The review is especially needed, according to Yoran, because much of the work that has gone on under the CNCI has been classified. "I wouldn't be surprised if there weren't some adjustments to the current portfolio that need to be made," he said, while noting that he also thinks "a lot of the activities that are under way" likely are aligned with national cybersecurity objectives.