A year later, still no cybersecurity czar

Just over a year after the Department of Homeland Security announced it would create a position for a cybersecurity czar, the Cyber Security Industry Alliance is lobbying for DHS to finally install someone into the job.

One year ago last week Homeland Security Secretary Michael Chertoff announced that an assistant secretary for cybersecurity and telecommunications was in the works. The position still remains vacant.

Paul Kurtz, executive director of the CSIA, said that Hurricane Katrina and other issues have pushed cybersecurity out of the forefront at the Homeland Security Department.

"My belief given the passing of time is that this is just unfortunately not a priority for the leadership at the Department," he said. "It's reasonable for some delay in light of Katrina."

While the hurricane and ensuing problems in the gulf coast took attention away, they should actually be reasons for more focus on communications security, Kurtz said.

"Katrina demonstrated the absolute importance of having communication structures that can work under duress," he said.

Strong telecommunication security is something that will help minimize problems in all types of major security issues, he added.

Though it's unclear who Homeland Security is looking at to fill the position, Kurtz suggested that experience in bureaucratic as well as corporate situations would be helpful.

"Ideally it would be a person who has a mix of government and private sector experience," he said.

For someone with both types of experience, "the learning curve would be less," he added.

No matter who it is, though, Kurtz said, Homeland Security needs to choose a candidate that has the backing of the White House as well.

"Then we'd have an individual who can easily negotiate across agencies," he said.

Kurtz said there's been a series of cybersecurity issues in the news, but none have caught enough attention to accelerate the Homeland Security Department's process.

"I hope it doesn't take a big event for the Department to focus on the issue," he said. "There's been a number of things that have happened that underscore the need" for the position to be filled.

Kurtz noted that computer-security company MacAfee has kept a database of computer exploits on file for 18 years. In the last two years, the size of the database has doubled from 100,000 to 200,000 security incidents, he said.

"It's not as though it's getting any better," he said.

Business Roundtable, an association of chief executive officers of major U.S. companies, recently compiled a report on America's cyberterrorism preparedness.

Their conclusion read, in part, "The lack of national policy on Internet reconstitution could undermine the economy and the security of the nation."

"The report basically said, 'we are not ready,'" Kurtz said.

He said that the report's concern is valid, and is something that the government must address.

"Katrina taught us that if government is not ready and communication breaks down, the effects of an event can be greatly exacerbated for citizens," he said.

If nothing is done soon, Kurtz said, "there will be a significant disruption, and when it happens we won't be ready."

Outside of a large-scale disaster, the best way to get Homeland Security to focus on cybersecurity is to publicize the position's vacancy.

"When they put their mind to it, it will happen fast," he said. "The only way we're going to get this done sooner than later is by concentrated pressure."

Copyright 2006 by United Press International

Citation: A year later, still no cybersecurity czar (2006, July 20) retrieved 28 March 2024 from https://phys.org/news/2006-07-year-cybersecurity-czar.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Explore further

Iceland volcano erupts weeks after thousands were evacuated from a town on Reykjanes Peninsula

0 shares

Feedback to editors