Homeland Security mulls cyber czar nomination

The Homeland Security Department on Oct. 1 created a new post for a cyber-security czar -- a post that the technology industry and Congress repeatedly have urged for two years -- but has yet to nominate a candidate for the job.

An announcement in the coming days would coincide with the House and the department recognizing October as National Cyber Security Awareness month. Lawmakers on Monday approved a House resolution making that designation.

House Homeland Security Economic Security, Infrastructure Protection and Cybersecurity Subcommittee Chairman Dan Lungren, R-Calif., said in a hearing Tuesday that the vote the day before indicated the government's efforts on cyber security. He said officials voting mid-month on the resolution showed how the government is trying to play catch-up on protecting the country from a cyber attack.

"In an age where hackers and terrorists are using advanced technologies to attack our cyber infrastructure at an alarming rate," said Rep. Bennie Thompson, D-Miss., "the Department of Homeland Security is moving at dial-up speed in naming an assistant secretary for cyber security."

The department announced late last month that it would work with key industry partners to "spread the word" throughout October about online safety by providing tips and resources for protecting computers.

While industry groups are pleased with the government's efforts this month, several representatives and lawmakers are anxious for the appointment of the cyber-security assistant secretary that Homeland Security Secretary Michael Chertoff first proposed in July.

"Anytime the term 'acting' is in your title, you lose the weight and authority necessary to truly do a job right," Rep. Bill Pascrell, D-N.J., said of Andy Purdy, the acting director of the National Cyber Security Division. "The fact that there is still no full-time entity within the department shows a glaring lack of foresight from this administration."

Industry representatives share Pascrell's concerns, but they also said the department wanted to wait to nominate a candidate until after Congress approved Homeland Security's fiscal 2006 spending. The bill, which lawmakers approved earlier this month and President Bush signed into law Tuesday, put the official stamp on Chertoff's proposal to elevate the director of the cyber-security division to assistant secretary.

"I hope a name is forthcoming soon," said Paul Kurtz, executive director of the Cyber Security Industry Alliance. "It's high time the person is named."

Now that lawmakers have given Chertoff their blessing, Information Technology Association of America President Harris Miller said he hopes the secretary "has some people waiting in the wings." Adam Falkoff, executive director of the Republican Technology Council, said Purdy "has the skills to navigate through the bureaucracy of the department."

Under Chertoff's plans, the cyber-security division will be removed from the old unit on information analysis and infrastructure protection, and the assistant secretary will be charged with protecting cyber and telecommunications systems.

The assistant secretary will have a $93 million budget next year for cyber exercises and work with private and public entities. The cyber-security division also is responsible for coordinating and overseeing cyber-security activities across the government.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
FROM OUR SPONSORS
JOIN THE DISCUSSION
Close [ x ] More from GovExec
 
 

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.