Cyber "Czar" Job Description Needs Redefining
Sometimes things look better on paper, but in reality they just don't work. Take, for instance, President Obama's proposal to have the White House cybersecurity coordinator report through the National Security Council and the National Economic Council.
The thinking, on the surface, is sound. Coordinating cybersecurity - especially when you consider that 85 percent of the nation's critical IT infrastructure is owned and operated by the private sector - requires someone whose expertise is not only government process and information security, but who has more than a passing grasp of economics.
And that's one of two major reasons why the job remains vacant six months after the president proposed it. Who has such a background?
Here's how Melissa Hathaway, the leader of the president's 60-day cybersecurity policy review, put it in a conversation I had with her:
"There are just not that many people who have that kind of rÃ©sumÃ© and have the experience within government and within the private sector that is going to be necessary to help really lead both the government and the private sector forward as what is needed for the president."
But it's not just ones curriculum vitae at issue here. It's the reporting structure, too. Qualified individuals don't want to report to two strong personalities, in this case, National Security Adviser James Jones, a retired four-star Maine general, and National Economic Adviser Lawrence Summers, a former Treasury secretary and Harvard University president.
The president of the IT security firm RSA, Art Coviello, had been informally approached by Obama aides to see if he would be interested in the post, though no official offer had been made. Even if he received the job offer, he suggested at a press dinner, he'd be foolish to take it:
"Nobody wants that job. It doesn't report to the right people."
Who are the right people? Those who want a strong cybersecurity presence in the White House believe the right person is the president himself, or at least the chief of staff.
Whether one believes the cybersecurity adviser should be on the highest rung of the White House ladder or somewhere toward the middle, it seems clear that a new job description is needed.