Welcome to the Real World, Rod

When Rod Beckström decided earlier this month to step down as director of the National Cybersecurity Center, it was the best decision of his tenure. Unfortunately, it can't begin to make up for his worst decision regarding the NCSC over the past year: taking the job in the first place.

Upon his appointment last March, Beckström was hailed as a consensus-builder, Silicon Valley entrepreneur, philanthropist and all-around good person. People who like to suck up to the government for monetary or personal gain hailed the appointment as visionary and touted Beckström as the only person who could bring government together to secure itself. My response was, "But he doesn't know anything about security or working inside the government."

Sadly, I was very right.

It's not that I believe Beckström is a bad person in any way. But I didn't buy the Pollyanna attitude that one person can overcome decades of bureaucracy. It also takes a bit of arrogance for someone without any cybersecurity experience to think he can take charge of cybersecurity for the most complicated organization in the world -- the U.S. government.

Now reality has set in. In announcing his departure, Beckström complained that the National Security Agency is too involved with the NCSC. No mention of the bigger issue that his whole organization received only five weeks of funding over the past year. Frankly, not being funded should be a clue to how much the larger organization values your work.

I have criticized the NSA's domestic spying, which I believe has set the agency's reputation back decades. The NSA's leadership should be ashamed of this chapter in the agency's history. Now is when we most need the NSA's expertise, but its domestic spying makes its involvement in a civilian program like the NCSC unpalatable.

But that's a battle that was lost before Beckström even walked in the door. The reality is that there is no other option to the NCSC, now or in the near future. Beckström's gross naiveté or willful ignorance is not helpful. The NSA has been responsible for securing government computer systems for more than three decades. It has the largest pool of cybersecurity expertise in the world. It probably provided the largest number of people for Beckström's team -- and the NSA, at least, is quite well funded. But Beckström managed to sound petty as well as out of touch when he complained about the plan to move his group to Fort Meade, home of the NSA. If most of his people come from the NSA and he needs to attract even more people to his team, why not accept this bit of convenience for his staff?

At recent congressional hearings on cybersecurity, experts criticized the DHSfor being unable to attract and retain good talent. Assuming these experts are correct, how did Beckström think he could acquire the talent necessary to replace the NSA if it were removed from the NCSC?

When thinking about Beckström, though, I keep returning to his original misstep of taking on the NCSC leadership. As a Silicon Valley entrepreneur, he should have been prepared to evaluate three critical and fundamental issues: cash flow, staffing and the market. With regard to cash flow, the organization was not funded. With regard to staffing, the bulk of available people were from the NSA, and he had no funding to hire his own quality people. With regard to the market, it is an incredibly stagnant environment that has fundamentally not changed in three decades.

Beckström can criticize the government all he wants, but the fact is, all of the conditions he's complaining about existed long before his arrival. I have no sympathy for a person who complains about a job he shouldn't have taken in the first place.

Ira Winkler is president of Internet Security Advisors Group and author of the book Spies Among Us. He can be contacted through his Web site, www.irawinkler.com.


Copyright © 2009 IDG Communications, Inc.

Shop Tech Products at Amazon