5 Fed Cybersecurity Priorities for the Summer

Summertime Action: Naming a cyber czar, reforming FISMA, securing the cloud, enhancing R&D and updating the Privacy Act.

By , June 26, 2009.
  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
5 Fed Cybersecurity Priorities for the Summer

A

See Also: Fighting Financial Fraud: Mitigation for Malware, Phishing & DDoS Attacks

sleepy summer in Washington in regards to cybersecurity? Forgetaboutit! From 1600 Pennsylvania Avenue to Capitol Hill, to the suburban outskirts of the capital, administration officials, Congressional staffers and IT security bureaucrats are pushing ahead on legislation and policy regarding the securing of government IT and protect citizens online privacy.

The five top cybersecurity priorities the government is tackling this summer are Naming a Cybersecurity Czar, Reforming the Federal Information Security Management Act, Securing Cloud Computing, Enhancing Cybersecurity R&D and Updating the Privacy Act.

1. Naming a Cybersecurity Czar

When President Obama outlined his administration's cybersecurity policy late last month, he disappointed some by not naming a senior White House cybersecurity adviser. Many government IT security experts have called for a high-level czar who would have the president's ear. The president referred to the post as a cybersecurity coordinator, suggesting a not-as-influential aide. Either way, the president is expected to name presently someone to that post.

"A coordinator is a good thing to have, compared to what we had before," says Eugene Spafford, head of Purdue University's Center for Education and Research in Information Assurance and Security one of the nation's foremost experts in information security. "The problem with such a position is that it reports up through several levels of different organizations before getting to the president. Whoever is in that position doesn't have any ability to set policies that are going to be adhered to by executive branch agencies. That person doesn't have any budget authority, other than what they can persuade the Office of Management Budget or other organizations within the Executive Office of the President."

Tom Stanton, a fellow at the Center for the Study of American Government at Johns Hopkins University, says President Obama should choose someone as the cybersecurity czar like John Koskinen, who as the deputy director of the Office of Management and Budget in the late 1990s and helped guide the governments year 2000 remediation efforts. "You need somebody in the czar position ... who has John Koskinen's ability to herd ducks, to get these agencies, for all of their turf issues, for all of their infirmities, for all of their distraction to other elements of their mission, to focus on this and get it done," Stanton says.

Among names mentioned as possible White House cybersecurity advisors: former Rep. Tom Davis, onetime chair of House panel with IT oversight; National Security Council team member Melissa Hathaway, who ran the administration's cybersecurity review; Fred Kramer, assistant defense secretary for international security affairs under President Clinton; Howard Schmidt, former Microsoft chief security advisor and former adviser to Bush on cyberspace security; Paul Kurtz, Obama advisor who served in the National Security Council under Bush and Clinton; Susan Landeau, a Sun Microsystems's distinguished engineer with cybersecurity and public policy expertise; Maureen Bainski, a former FBI intelligence leader; and Scott Charney, head of Microsoft's cybersecurity division.

On Tuesday, Davis withdrew his name from consideration.

2. Reforming FISMA

Staffers on the Senate Committee on Homeland Security and Governmental Affairs are refining legislation introduced this spring that would revise the seven-year-old Federal Information Security Management Act, the law that provides direction on how the government governs information security.

Two bills have received the most attention: the United States Information and Communications Enhancement Act, or U.S. ICE, sponsored by Sen. Tom Carper, D.-Del., and another measure, the Cybersecurity Act of 2009, sponsored by Sen. Jay Rockefeller, D.-W.Va.

Follow Eric Chabrow on Twitter: @GovInfoSecurity

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Surveillance Demands Follow Paris Massacre

In the wake of the Paris massacre, the head of Britain's MI5 domestic intelligence agency has...

Latest Tweets and Mentions

ARTICLE Surveillance Demands Follow Paris Massacre

In the wake of the Paris massacre, the head of Britain's MI5 domestic intelligence agency has...

The ISMG Network