Seeking Game-Changing Ideas for CybersecurityFederal CTO Outlines His Info Security Agenda
Chorpa, former Virginia technology secretary, responded to a written question from Sen. Ben Nelson, D.-Fla., after the adjournment of his confirmation hearing earlier this week by the Senate Commerce, Science and Transportation Committee. Chopra wasn't quizzed closely about federal information technology policy during the hearing. Senators can ask nominees to respond to written questions for days after a hearing ends.
Here's the written exchane between Nelson and Chopra, as provided by Nelson's office:
Nelson: Over the past year, we have seen a number of reports of cyber-intrusions into government networks. The Office of the Director of National Intelligence is currently in the process of completing a 60-day review of national cybersecurity policy, and the Pentagon is also reviewing its cybersecurity policies. In your "dual" role as chief technology officer and associate director of OSTP (White House Office of Science and Technology Policy), what do you see as your role in ensuring that we have an effective, national cybersecurity strategy?
Chopra: If confirmed, it would be my responsibility to ensure that the federal government pursues a course of responsible adoption of technologies that can improve the efficiency, effectiveness and transparency of government and improved delivery of government services for the American citizen.
In the case of information technologies, part of that responsibility would include working with the federal CIO, the CIO Council, DHS (Department of Homeland Security) and other stakeholders in the federal government to ensure that adopted technologies are safe and reliable. Since most intrusions are the result both of vulnerabilities in the information technology systems and improper configuration or use, I would stress both improvements in the security of federal IT systems and a robust training and awareness program for the federal workforce on the importance of good security practices.
Addressing the immediate cybersecurity needs of the federal government is essential; however, as the associate director of OSTP for technology, my responsibility would also include providing guidance for the prioritization and coordination of advanced technology research in the federal government, including research in cyber security.
If confirmed, I would emphasize a research program on "game-changing" ideas in cybersecurity, to find new ideas that might transform the nation's information infrastructure to be more secure and simpler to understand and use. The goal is to make it "easy to do the right thing, hard to do the wrong thing, and easy to recover when the wrong thing happens anyway."