Lawmakers question whether DHS cybersecurity role will be undercut by White House appointment
Department of Homeland Security nominee assures Senate hearing new role will not conflict
Computerworld - Just days after President Obama announced his plan to appoint a new White House cybersecurity coordinator, lawmakers are questioning the impact the move might have on the U.S. Department of Homeland Security's role in cybersecurity.
At a confirmation hearing on Wednesday for Rand Beers, the nominee for the undersecretary for the department's National Protection and Programs Directorate, members of the U.S. Senate Committee on Homeland Security and Governmental Affairs expressed hope the move wouldn't dilute DHS' cybersecurity mission.
Sen. Susan Collins (R-Maine), a ranking member of the Senate Committee, said she had a "lot of reservations about the establishment of a White House cybersecurity czar." Such an appointment would make it far more difficult for members of Congress to provide oversight because it would not be easy to get a presidential adviser to testify before the committee, she said.
Sen. Collins said that the addition of a new White House coordinator further confused the issue of who exactly will be in charge of protecting cyberspace, especially considering the string of new cybersecurity appointments made by the DHS earlier this week.
The chairman of the committee, Sen. Joseph Lieberman (Ind-Conn.), said that there had been a "lot of concerns" that Obama's appointment of a new cybersecurity czar would "undercut the role of the DHS." He added that from what he has seen so far, that doesn't appear to have happened, and hoped that the DHS would continue to be in charge of affairs. "To me it's just not turf. It's a very critical element of homeland security," the Senator said.
In response to such concerns, Beers said he had been assured personally by White House counterterrorism adviser John Brennan that the DHS's operational role in cybersecurity would not be undercut. Beers said he understood that there would be "no realignment of roles and mission for the department" following the appointment of a new White House cybersecurity adviser. President Obama's as yet unnamed appointment will have no operational authority and will serve a purely coordinating function, he said.
Beers noted that to properly fulfill its information security mission, the DHS has to work with several Departments including Treasury, Defense, Commerce and Justice. "To protect the U.S. government from cyber intrusions will require us working with all of those departments and agencies. Sometimes, I'm sorry to say we need help to get people to play in the same sandbox," which is where a White House coordinator can help, he said.
The discussion over the DHS' likely role is just a preview of the challenges the new White House appointee is likely to face. Currently civilian federal agencies, defense communities and the DHS are all working on separate and disparate missions on the cybersecurity front.
Though it is not clear yet what clout exactly the new coordinator will have, many expect the biggest challenge the appointee will face is getting all these stakeholders to agree and work on a common cybersecurity mission.
Obama and tech
- White House set to unleash 100,000 federal data sources via data.gov
- Growing White House ties to Google draw protest
- Experts: Obama cybersecurity plan short on details
- U.S. cyberwarfare command: Better late than never
- Obama outlines cybersecurity plans, cites grave threat to cyberspace
- Obama's new cybersecurity direction wins praise
- Internet warfare: Are we focusing on the wrong things?
- Obama administration said to consider military cybercommand
- Obama taps Melissa Hathaway for federal cybersecurity review
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Step Out of the Bull's-Eye Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily... All Cybercrime and Hacking White Papers | Webcasts