Obama taps Bush aide Melissa Hathaway to review federal cybersecurity efforts
President asks Hathaway, who led multiagency security initiative launched by Bush, to recommend changes in existing programs
Computerworld - Melissa Hathaway, a Bush administration official who is credited with helping to develop a multibillion-dollar classified initiative aimed at better securing federal systems and critical-infrastructure networks against online threats, has been named by President Barack Obama to lead a 60-day review of the government's cybersecurity efforts.
Hathaway was named acting senior director for cyberspace for the National Security Council as well as the Homeland Security Council. She has been tasked with conducting the governmentwide review of ongoing cybersecurity programs and developing recommendations for ensuring that they are aligned with government and private-sector needs, according to a statement released by the White House this evening.
A story posted online yesterday by The Wall Street Journal, quoting unnamed government sources, said that Hathaway was expected to be chosen to head up a new White House cybersecurity office after the review was completed. The statement about the review from the White House didn't address that possibility.
Hathaway has been working as a cybercoordination executive for the Office of the Director of National Intelligence (download PDF). She chaired a multiagency group called the National Cyber Study Group that was instrumental in developing the Comprehensive National Cyber Security Initiative, which was approved by former President George W. Bush early last year. Since then, she has been in charge of coordinating and monitoring the CNCI's implementation.
Amit Yoran, a former director of the U.S. Department of Homeland Security's National Cyber Security Division, said today that although Hathaway isn't very well known outside of Washington, she is a "known entity" within the federal cybersecurity community.
"She has been really charging and moving forward with CNCI for the past 24 months," said Yoran, who currently is CEO of NetWitness Corp., a vendor of network-traffic analysis tools in Herndon, Va. He also was a member of a commission, set up by the Center for Strategic and International Studies (CSIS) in Washington, that recommended major changes in the federal government's approach to cybersecurity in a report issued in December.
If the reports about Hathaway becoming Obama's cybersecurity chief are correct, she will have "pretty strong leverage" to influence policy and bring together various government entities as part of the CNCI, Yoran said. Her immediate assignment to review the work that has been done thus far as part of the initiative and other cybersecurity programs is a good idea, he added.
"Just because she has been managing it doesn't mean the direction she has taken shouldn't be reviewed," he said. The review is especially needed, according to Yoran, because much of the work that has gone on under the CNCI has been classified. "I wouldn't be surprised if there weren't some adjustments to the current portfolio that need to be made," he said, while noting that he also thinks "a lot of the activities that are under way" likely are aligned with national cybersecurity objectives.
Obama and tech
- Obama outlines cybersecurity plans, cites grave threat to cyberspace
- Obama's new cybersecurity direction wins praise
- Internet warfare: Are we focusing on the wrong things?
- Obama administration said to consider military cybercommand
- Obama taps Melissa Hathaway for federal cybersecurity review
- IT Blogwatch: Obama's CTO is Aneesh Chopra
- New federal CIO Vivek Kundra wants a Web 2.0 government
- Obama's plans for health care IT: Too much money too soon?
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts