Official's departure revives push for promoting DHS cyber chief

The abrupt departure last week of Amit Yoran as a top cybersecurity official appears to have breathed new life into congressional efforts to elevate the position within the Homeland Security Department.

Within hours after news Friday that Yoran, director of the department's national cybersecurity division, had quit with one day's notice, staff from various congressional committees met to discuss the issue, government sources said. Earlier in the week, the issue had appeared finished for the year over seemingly insurmountable committee jurisdictional differences.

A new, trimmed provision to raise cybersecurity's status in Homeland Security appeared in Monday's Rules Committee version of an intelligence reform bill, H.R. 10. The new provision would elevate cyber security two levels, from director to assistant secretary, and give the new assistant secretary primary authority over the National Communications System.

Harris Miller, president of the Information Technology Association of America, said on Tuesday that the inclusion of the amendment "means the issue will not be an afterthought" in government. "Unfortunately, it had to take a fairly high-level departure" for it to get included, Miller said. "Certainly [Yoran's] departure served to re-energize the issue."

One attendee insisted that the congressional meeting was not a reaction to Yoran's departure but rather an attempt to meet the Friday deadline set by House leadership for amendments to the intelligence bill.

Yoran's departure caused a stir at senior levels of the Bush administration, an administration source said Monday. Yoran met with Homeland Security Secretary Tom Ridge the day before his departure. After the announcement, Robert Liscouski, assistant secretary for critical infrastructure and Yoran's boss, was harshly criticized by the White House Homeland Security Council, the source said.

Yoran sent a farewell e-mail to colleagues Sunday night cataloguing dozens of accomplishments of his office during his year there.

The original language to elevate cyber security in the department contained several pages of specific authority for the department. A competing bill from the House Government Reform Committee emerged last week and was viewed by some as an attempt to wrest back primary jurisdiction over cybersecurity.

Friday's meeting included staff from the Government Reform, Homeland Security, Judiciary and Science committees. "We're pleased that the negotiations were productive," Science Committee Chief of Staff David Goldston said. "We were able to limit the provision to a notion on which there was broad agreement."

Still in the House intelligence bill is a provision that would add a specific mention of information security to agencies' systems-planning requirements. The Rules Committee may vote on the bill Wednesday, with floor action expected Thursday.

If passed by the House, the issue will be addressed in House-Senate negotiations.

The original House language was offered as an amendment to the Senate intelligence reform bill Monday but was ruled non-germane to the bill by the parliamentarian, sources said. That amendment was more extensive in the responsibilities it would have given the next cyber-security chief.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Sponsored by One Identity

    One Nation Under Guard: Securing User Identities Across State and Local Government

    In 2016, the government can expect even more sophisticated threats on the horizon, making it all the more imperative that agencies enforce proper identity and access management (IAM) practices. In order to better measure the current state of IAM at the state and local level, Government Business Council (GBC) conducted an in-depth research study of state and local employees.

  • Sponsored by Aquilent

    The Next Federal Evolution of Cloud

    This GBC report explains the evolution of cloud computing in federal government, and provides an outlook for the future of the cloud in government IT.

  • Sponsored by LTC Partners, administrators of the Federal Long Term Care Insurance Program

    Approaching the Brink of Federal Retirement

    Approximately 10,000 baby boomers are reaching retirement age per day, and a growing number of federal employees are preparing themselves for the next chapter of their lives. Learn how to tackle the challenges that today's workforce faces in laying the groundwork for a smooth and secure retirement.

  • Sponsored by Hewlett Packard Enterprise

    Cyber Defense 101: Arming the Next Generation of Government Employees

    Read this issue brief to learn about the sector's most potent challenges in the new cyber landscape and how government organizations are building a robust, threat-aware infrastructure

  • Sponsored by Aquilent

    GBC Issue Brief: Cultivating Digital Services in the Federal Landscape

    Read this GBC issue brief to learn more about the current state of digital services in the government, and how key players are pushing enhancements towards a user-centric approach.


When you download a report, your information may be shared with the underwriters of that document.