Computerworld - A new administration in Washington this year was expected to herald sweeping changes on the national cybersecurity front.
Expectations were high that the Obama administration would elevate cybersecurity as a national security issue at a time when government agencies and critical infrastructure targets are under growing threats from a range of adversaries.
However, as the year draws to a close, those expectations have become somewhat tempered with the realization that change on the cybersecurity front may be a little slower in coming, especially considering all the other priorities confronting Congress.
Here are three cybersecurity stories that promised much, but delivered little.
There was considerable enthusiasm when President Obama announced his plans to appoint a White House coordinator to oversee the implementation of a national cybersecurity strategy.
Many security analysts, and even the President's own former cybersecurity adviser, Melissa Hathaway, had said that such a role was vital to getting federal civilian agencies to work together on a common cybersecurity agenda.
That was in May. Today, with less than two weeks left in 2009, seven months after the announcement, there appears little chance that the Obama administration will name someone to the post. Even if it does, chances are high that the appointee will wield little clout in influencing real change on information security issues.
In the months since Obama announced the position, much of the prestige that was once associated with the role has eroded. A lot of that has stemmed from the way the job has been positioned within the executive offices of the President.
Instead of reporting directly to the President as many had hoped, the cybersecurity coordinator will report both to the national security adviser and the senior White House economic adviser -- a situation that makes the role more symbolic than anything else, analysts say.
The manner in which the role has been defined has left the White House with few takers for the job, with numerous high-profile individuals reportedly declining offers, including Microsoft's Scott Charney, Virginia Sen. Tom Davis, and RSA's Art Coviello.
Concerns stemming from health care fraud pushed Congress to introduce legislation this year requiring all health care entities to publicly disclose data breaches involving patient health information.
The bill was part of the $20 billion Health Information Technology for Economic and Clinical Health Act, passed as part of the stimulus package earlier this year and widely welcomed by many as a long overdue measure.
However, the U.S. Department of Health and Human Services, which is the agency responsible for developing the rules, introduced a last minute "harm threshold" requirement that privacy advocates say completely guts the intent of the bill.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
