The big news surrounding the passage of the Intelligence Reform Act this week was the creation of a new, top-level intelligence director position, which will oversee all aspects of intelligence gathering and dissemination in the U.S. government.
But the technology community was calling foul at the elimination of another proposed high-level post. During last minute, “mercurial” conference sessions, a provision that would have created an assistant secretary of cyber security within the Department of Homeland Security (DHS) was eliminated.
“The executive branch must exert more leadership” in this area, says a statement issued this week by the Cyber Security Industry Alliance, a Washington-based lobbying group.
Many hoped the post would help end the musical chairs nature of the current cyber security director position, which has been a problem since the Bush administration took office in 2000.
President George W. Bush appointed Richard C. Clarke to be the nation’s first cyber security “Czar”, but he resigned in frustration in February 2003. He was followed by Howard Schmidt, now the chief security officer at eBay, who also quit after two months. Most recently, the position was held by Amit Yoran, a former Symantec executive. But by then the position was a part of the DHS, and Yoran, reportedly frustrated by the lack of attention given to the issue, resigned in October after just one year.
No one doubts the necessity of protecting the nation’s airports and infrastructure, but the topic of cyber security doesn’t require a senior-level post says the DHS, which requested the excision, according to Harris Miller, president of the Information Technology Association of America (ITAA).
“We’re still examining respective options for reorganization,” says Katie Mynster, a spokesperson for DHS.” [But] regarding that position specifically, we continue to believe that the integration of physical and cyber security within the Infrastructure Protection Directorate is the best method to protect the nation’s infrastructure.”
Security observers fear that with the elimination of the assistant secretary proposal, cyber security could slip further down the mindshare and budget priority list. Miller says that because the assistant secretary position is a political appointee-level post, requiring congressional approval hearings, it carries far more heft than the current staffing level.