Cyber Coordinator Characterized as a EunuchKey Lawmaker: Cybersecurity "Czar" Post Requires More Punch
"If we're going to have someone, we don't need a cybersecurity eunuch; we need someone who has a little bit more oomph to get the job done," Rep. David Wu, who chairs the House Science and Technology Committee's Subcommittee on Technology and Innovation, said in an interview with GovInfoSecurity.com.
In May, as part of his cybersecurity agenda, Obama said he would appoint a cybersecurity coordinator - a post that remains vacant - who would not report directly to the president but through his national security and national economic advisers. The Commission on Cybersecurity for the 44th Presidency, comprised of leading government, military, private sector and academic IT security experts, last December proposed the establishment of an Office of Cyberspace in the White House, with its head reporting directly to the president -- a position Wu generally supports.
"I'd like to either give up on the concept of a cybersecurity czar or have a cybersecurity czar with real authority and with at least some budgetary influence," Wu said. "I think what we have had is not a cybersecurity czar, but a cybersecurity eunuch. If you look at the record, we've had a series of resignations and very little bureaucratic influence and very little budgetary influence."
The Clinton and Bush administrations had several cybersecurity advisers at various levels - the most notable being counterterrorism and cyber-terrorism senior adviser Richard Clarke, who quit because of the lack of attention given cybersecurity by the Bush White House - but none as high ranking as envisioned by the bipartisan commission. This year, several visible, but lower-ranking cybersecurity officials resigned: Rod Beckstrom as director of the Department of Homeland Security's National Cybersecurity Center, Mischel Kwon as director of DHS's United States Computer Emergency Response Team and Melissa Hathaway, who conducted the administration's 60-day cybersecurity review, as White House acting senior director for cybersecurity, fulfilling many of the tasks a permanent cybersecurity coordinator would perform. In September, Obama named Chris Painter, a Justice Department cybersecurity official, as Hathaway's replacement. Wu wasn't critical of the president for taking so long in naming a permanent cybersecurity adviser. "This administration has been careful in making its appointments," Wu said, "and I do not begrudge them the opportunity to be careful in their selection."
Where a powerful cybersecurity "czar" - a term the White House rejects - would be positioned isn't as important to Wu as is the job itself. "I'm flexible on organization," he said. The ranking member on the Senate Homeland Security and Governmental Affairs Committee - Sen. Susan Collins, R.-Maine - proposed the government's top cybersecurity adviser be posted to DHS, but most backers of a powerful cybersecurity adviser want the office to be housed in the White House.
If such a high-ranking post is not created, Wu sees the National Institute of Standards and Technology - the agency that creates information security guidance and which Wu's subcommittee provides oversight - taking a more active role in coordinating government cybersecurity policy. "NIST has been a very capable agency and is fully capable in leading role in this," Wu said. "It's not my preferred alternative, but it's better than having cyber eunuch in place, and hoping for good things and again being disappointed."