Cyber: Seven days in March
One week ago Rod Beckstrom resigned as Director of the National Cybersecurity Center protesting what he claimed is NSA heavy-handedness in cybersecurity strategy and operations. Monday Beckstrom explained to Forbes that there is a fundamental mis-match between NSA’s mission focus and what is needed to prevent and mitigate cyber threats. “In intelligence environments like the NSA, you seek out and gather information, and then you classify it,” Beckstrom told the magazine. “It’s the opposite of collaboration.”
Beckstrom’s resignation letter was sent about the same time that the HLSwatch host was suffering a denial of service attack that kept us from making updates for about 12 hours and kept comments offline for three days. Our tech guy blames NSA too.
Some claim DHS doesn’t have the competence (or clout) to do cybersecurity anyway. On Tuesday Amit Yoran, a predecessor of Beckstrom’s told a House panel that the department, “has repeatedly failed to either attract or retain the leadership and technical acumen required to successfully lead in the cybermission space.” Was that a self-slam?
The GAO seemed to agree with Yoran and I will eventually link you to the report released Tuesday entitled National Cybersecurity Strategy: Key Improvements Needed. But early this Friday morning several GAO links are dead. The GAO list of “most recent” reports and testimony starts in August 2008 and goes back in time. Was someone hacked last night? (Saturday update: The GAO website has been restored to its typical orderly self. Read more on the House hearing in a Computerworld story.)
Since DHS can’t and NSA shouldn’t one witness told the House Homeland Security Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology that the White House needs to take a stronger role in cybersecurity. “If I have access to the president and control over budgets, I will get agencies to do whatever I want,” said Jim Lewis, director of the technology and public policy program at the Center for Strategic and International Studies. “We have to put that [authority] at the White House.” (More from nextgov.) Yeah. Besides there’s nothing else claiming the West Wing’s attention.
On Wednesday at 1:58PM Eastern I received a DHS email announcing that Phil Reitinger was being named Director of the National Cybersecurity Center (Beckstrom’s job). Oops. Fifteen minutes later the correction arrived. Reitinger is being named Deputy Undersecretary in the National Protections Program Directorate (NPPD). “In this role, Reitinger will be charged with protecting the U.S. government’s computing systems from domestic and foreign threats.”
Damn send buttons. But the error probably tells us what the Department’s media team was really thinking about and trying to deal with.
Yesterday my Email server was almost taken down by a tsunami of forwards all with copies of the new CRS report entitled, Comprehensive National Cybersecurity Initiative: Legal Authorities and Policy Considerations. The Federation of American Scientists’ Secrecy Project distributed this study of the classified CNCI program.
Last year that bastion of leftist succor for our enemies, the Senate Armed Services Committee, complained that super-secret treatment of the CNCI, ”…preclude(s) public education, awareness, and debate about the policy and legal issues, real or imagined, that the initiative poses in the areas of privacy and civil liberties. Without such debate and awareness in such important and sensitive areas, it is likely that the initiative will make slow or modest progress.”
Last night and this morning we are all reading about Vivek Kundra’s troubles as White House CIO. Free-lance snooping by some of Kundra’s former subordinates is alleged and there is no suggestion that Kundra is implicated. But for too many Obama appointments the send button seems to be stuck. Good tech support is so hard to find.
Well… it is Friday the 13th for the second time in two months.
