Hathaway advocates for direct White House role on cybersecurity
Says federal government isn't 'organized appropriately' to address cyberthreats
Computerworld - SAN FRANCISCO -- Endorsing a viewpoint that's been gaining currency in the security industry, President Obama's acting senior director for cyberspace Wednesday called for a more direct White House role in coordinating national cybersecurity efforts.
Melissa Hathaway, who just completed a 60-day review of the government's cybsersecurity preparedness at the president's behest, said that while cybersecurity needs to be a shared private and public sector effort, the task of leading it "is the fundamental responsibility of our government."
In arguing for a bigger White House role, Hathaway said the government's responsibility "transcends" the purviews of individual departments and agencies, none of which has a broad enough perspective to match the "sweep of the challenges."
"Protecting cyberspace requires strong vision and leadership and will require changes in policy, technology, education, and perhaps law," she said.
Hathaway is a former Bush administration aide who has been working as a cybercoordination executive for the Office of the Director of National Intelligence. She headed a multiagency group called the National Cyber Study Group that was instrumental in developing the Comprehensive National CyberSecurity Initiative which was approved by former President George W. Bush early last year.
In February, Obama asked her to conduct a review of federal cybersecurity programs to see what needed to be done to better align them with the threats they are designed to mitigate. She completed the review last Friday and her report was handed over to the president. It isn't known what if any recommendations might result from it.
Speaking at the RSA conference, Hathaway said that what she was offering was only a preview of what's contained in the report.
Based on her review, it's clear that the federal government is not "organized appropriately" to address threats in cyberspace, Hathaway said. Responsibilities for cyberspace are scattered across too many departments, many with overlapping missions and authorities.
"We need an agreed way forward based on common understanding and acceptance of the problem," she said.
Hathaway also stressed the need for greater collaboration between the private and public sector on cybersecurity matters because such a large portion of the critical infrastructure is owned by private companies.
"The public and private sector's interests are intertwined with a shared responsibility for ensuring a secure, reliable infrastructure upon which businesses and government services depend," she said. Going forward, the U.S. also needs to find a way to collaborate with other countries to secure cyberspace effectively, she said.
Though there were no surprises in Hathaway's speech, her remarks add to the growing chorus of voices calling for a substantial overhaul of federal cybersecurity practices. In December, the Center for Strategic and International Studies (CSIS) delivered a set of cybersecurity recommendations to the president, many of which are identical to those being suggested by Hathaway.



- Excel 2010 Cheat Sheet
- Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.
- Overcome Top 7 Admin Challenges of Active Directory
- As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable,...
- Insiders Can Ruin Your Company. Take Action.
- Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in...
- Top Solutions and Tools to Prevent Devastating Malware
- Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring...
- X-Ray of the PCI Process-4 Proactive Steps
- This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into...
- Identity Governance: The Business Imperatives
- This white paper describes the business challenges and opportunities that are driving interest in Identity Governance while discussing considerations your organization should make... All Security White Papers
- Live Webcast
Playing Defense: Staying on Top of Your Disaster Recovery Game - When it comes to disaster recovery, rapidly growing data volumes, distributed computing models, and new technologies all combine to present an ever-changing playing...
- Introduction to VMware vCenter Site Recovery Manager 5
- Traditional disaster recovery solutions are often too expensive, complex and unreliable to meet business requirements. As a result, IT departments are hesitant to...
- The Top Ten Secrets to Avoiding SAN Performance Problems
- Maintaining peak performance while simultaneously addressing the root cause of SAN errors is challenging. Learn the most common SAN problems and explore new...
- Deduplication Without Compromise
- Go inside Quantum's scalable, high-performance, multi-protocol new DXi deduplication appliances, designed to make backup much more effective. Discover how the new future-proof DXi6700...
- Director of Disk Products Discusses DXi6700
- Discover how the new DXi 6700 series of deduplication appliances provide investment protection and a future-proof feature set, all while delivering fast, scalable,...
- Playing Defense: Staying on Top of Your Disaster Recovery Game
- When it comes to disaster recovery, rapidly growing data volumes, distributed computing models, and new technologies all combine to present an ever-changing playing... All Security Webcasts