Creation of White House cybersecurity office remains uncertain
Chances are 'there will not be one king,' one lawmaker said
Computerworld - It's unclear whether a report being prepared for President Barack Obama on federal information security preparedness will support recent calls for the creation of a new cybersecurity office within the White House, two lawmakers said today.
Instead, the report may recommend a more collaborative and cooperative strategy among federal agencies on the issue of cybersecurity without a single agency or department in charge, they said.
Members of the U.S. House Cybersecurity Caucus today met with Melissa Hathaway, acting senior director for cyberspace for the National Security Council and Homeland Security Council.
Hathaway, who is conducting a 60-day review of federal cybersecurity preparedness on behalf of the president, today presented a status report to members of the caucus.
Speaking with reporters after the briefing, Rep. James Langevin (D-R.I.), co-chair of the caucus, and Rep. Yvette Clarke (D-N.Y.), chairwoman of a subcommittee within the Committee on Homeland Security, said it was unclear yet what Hathaway might recommend.
Rather than "include another structure" within the White House, there may be a call for an increase in staffing within the White House Office of Management and Budget (OMB) in a bid to improve its current role of overseeing government cyberaffairs, said Langevin. Chances are "there will not be one king," he said.
Langevin co-chaired a commission at the Center for Strategic and International Studies, a bipartisan think tank, that has called for the creation of a centralized cybersecurity office in the White House to be named the National Office for Cyberspace. The new office could combine the National Cyber Security Center (NCSC) and the Joint Interagency Cyber Task Force, two existing agencies that are handing cybersecurity today.
The U.S. Government Accountability Office (GAO) has also called for a new office dedicated to cybersecurity within the White House. Calls have been prompted by what is perceived as the inability of the U.S. Department of Homeland Security to lead the nation's cybersecurity mission.
Hathaway's report will also look at public-private partnerships in the area of information security and address the issue of ownership of such partnerships, Clarke said. The review will examine what regulations and incentives are most likely to engender cooperation from the private sector, she said.
Langevin said that as part of the effort, Hathaway is talking to various regulatory bodies to figure out what is working and what isn't. "Clearly, this is not going to be one or the other. It's going to be a combination of both," Langevin said, pointing to the model employed by the federal government to address the Y2k problem as an example.
In conducting the review, Hathaway is soliciting input from privacy and civil rights groups that might be concerned about the implications of the nation's cybersecurity efforts on privacy and individual rights, the representatives said. Such concerns came to the fore recently following the resignation of Rod Beckstrom as director of the NCSC. In quitting, Beckstrom cited lack of support for his office from within the DHS and what he said were the growing number of attempts by the National Security Agency (NSA) to take control of domestic cybersecurity affairs.
Beckstrom's resignation lifted the lid on widespread opposition to the notion of a spy agency such as the NSA playing a leading role in national cybersecurity affairs.
Tech watch: Obama administration
- Obama's Web 2.0 'town hall' draws 92,000 users
- New federal CIO Vivek Kundra wants a Web 2.0 government
- White House changes course, appoints its first federal CIO
- Obama's plans for health care IT: Too much money too soon?
- Obama taps Bush aide to review federal cybersecurity efforts
- Obama lauds Intel plan to invest $7B in chip plants
- Obama plan says cyber infrastructure is 'strategic'
- Is Obama's handheld really a BlackBerry, or something else?
Read more about Security in Computerworld's Security Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts