National Cyber Czar: Good or Bad?

On Friday, President Obama made some remarks on securing our nation’s cyber infrastructure. Some highlights are:

• It’s the great irony of our Information Age — the very technologies that empower us to create and to build also empower those who would disrupt and destroy.
• America’s economic prosperity in the 21st century will depend on cybersecurity.
• Cyber threat is one of the most serious economic and national security challenges we face as a nation.
• This status quo is no longer acceptable — not when there’s so much at stake.
• Protecting this infrastructure will be a national security priority.  We will ensure that these networks are secure, trustworthy and resilient.  We will deter, prevent, detect, and defend against attacks and recover quickly from any disruptions or damage.

All accurate. All worthy comments. Obama then went on to describe his strategy in five key areas:

1. Working in partnership with the communities represented here today, we will develop a new comprehensive strategy to secure America’s information and communications networks
2. Working with all the key players — including state and local governments and the private sector — to ensure an organized and unified response to future cyber incidents.
3. Strengthening the public/private partnerships that are critical to this endeavor.
4. Continuing to invest in the cutting-edge research and development necessary for the innovation and discovery we need to meet the digital challenges of our time.
5. Beginning a national campaign to promote cybersecurity awareness and digital literacy from our boardrooms to our classrooms, and to build a digital workforce for the 21st century.

So will it work? Will an Internet czar help protect against cyber attacks? Is the praise being heaped upon the new cybersecurity direction merited? Can a cybersecurity czar make a difference in a government full of turf wars, departmental budgets, and various opinions on what to do and how to do it?

A cyber defense should be part of our military defense. For the most part, it is. Key to most information security programs and policies is to promote the confidentiality, integrity and availability of information. The problem is that collectively, we have done a poor job ensuring this is collectively the case. This is not because of a lack of effort or expenditure. There are smart IT and security personnel working in the various agencies. They know what they are doing. The question we must ask is:  What makes Obama think that having a czar that reports to him — but who has no budgetary or personnel control over the various agencies — will be successful in making cyber space safer for the nation? Are we just adding another bureaucrat that returns and reports, but accomplishes little?

Government is rarely the answer. Obama has already established his own record of how not to use goverfnment for the betterment of all. In order for cybersecurity to work as a nation, it will be up to each agency, state, city, country, industry and private firm to defend its portion of cyber space. Having a solid, national cyber security blueprint with funding hooks and accountability might help the various entities get on the same page.

This entry was posted on 1 June 2009 at 10:33 and is filed under Homeland Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response or trackback from your own site.

| Print