Senator questions wisdom of White House control over cybersecurity

Computerworld - The ranking member of the U.S. Senate's Homeland Security Committee, Susan Collins (R-Maine), today raised questions about recent calls for a direct White House role in coordinating national cybersecurity affairs.

At a hearing this morning on strategies for securing cyberspace, Collins said that putting the White House in charge would make it harder for Congress to exercise needed oversight over critical cyber policies and budgets.

Those concerns emerged even as another lawmaker -- Sen. Thomas Carper (D-Del.) -- announced that he is introducing a bill to establish a National Office for Cyberspace that would report to the president. Under the United States Information and Communications Enhancement Act of 2009, the director of that office would be appointed by the president and would be in charge of implementing a governmentwide strategy for securing cyberspace.

Carper's bill is similar to two others introduced jointly by Sens. Olympia Snowe (R-Maine) and Jay Rockefeller (D-W.Va.). Those bills also want to set up a cybersecurity office in the White House and include a provision that would allow the president to disconnect government and private entities from the Internet for national security reasons or in a cyberemergency.

Collins today urged a cautious approach to such proposals. "We have to be really careful about creating a new office within the office of the president," she said. Doing that would "diminish our ability to exercise Congressional oversight" of cyber issues, she added.

"That is not to say that we are looking at the [Department of Homeland Security] to make decisions on declaring [cyber] war," Collins said. "Obviously, that is something the president would do with Congressional input," she said. The key is to avoid turf battles, inadequate Congressional oversight and unclear lines of authority, she said. "We need to strengthen cybersecurity, and the question is how best to do this," Collins said.

She suggested that the government use as a model the National Counterterrorism Center (NCTC), which was established in August 2004 on the recommendations of the 9/11 Commission. The NCTC works in the Office of the Director of National Intelligence (ODNI) -- a setup that allows for greater Congressional oversight, she said.

"This new administration has shown a tendency to appoint specialists and czars" for virtually every important function, Collins said, noting that such moves can lead to agency conflicts and hamper oversight. "Congressional oversight is critical to making real progress," she said.

Stewart Baker, a former assistant secretary at the DHS and now a partner at Steptoe & Johnson LLP, a Washington-based law firm, also argued against the creation of a White House office for cybersecurity. Baker said that while there is a need to better organize our defenses in cyberspace, the goal should be to strengthen the DHS's ability to handle the task by giving it needed resources and support from agencies such as the National Security Agency and the military.