The MIT Technology Review writes this month about the state of cybersecurity policy in the federal government. The article strongly criticizes DHS for their failure to nominate an Assistant Secretary for Cybersecurity, a new post that was created in July 2005 as part of the DHS Second Stage Review:
These charges seem less outrageous considering the state of the position of assistant secretary for cybersecurity and telecommunications, in the U.S. Department of Homeland Security. This is the office nominally charged with coordinating and overseeing our government’s efforts to secure cyberspace, which have run into a slight problem: there is no assistant secretary of cybersecurity and telecommunications.
And there hasn’t been since July 2005, when secretary of homeland security Michael Chertoff announced the creation of the position as part of a reorganization. The position it succeeded had been the product of a reorganization, too. There is an acting director of the old department, the National Cyber Security Division, but his office will be bumped down a level upon the appointment of the assistant secretary.
I’m puzzled as to why this nomination hasn’t take place, nearly six months later. Hurricane Katrina might have provided a suitable excuse for delay two months ago, but not today. Is it that they can’t find anyone to take the job?
Read the whole article for a good overview of the state of federal cybersecurity policy today.