Top 5 challenges for the cyber coordinator

President Barack Obama's pledge to appoint a cybersecurity policy coordinator at the White House has drawn cheers, jeers and a long to-do list

Many people agree that the country needs a cybersecurity coordinator at the White House. But more than three months after President Barack Obama pledged to select someone to lead a new office focused on coordinating cybersecurity policy, the post remains unfilled.

In the interim, there has been rampant speculation about the position. However, despite their differences, everyone agrees that the new cybersecurity coordinator will face a daunting set of challenges.

"No matter who is appointed cyber coordinator, they will have an enormous task in front of them," said Sen. Thomas Carper (D-Del.), who introduced cybersecurity legislation earlier this year.

Here are the top five challenges the cybersecurity coordinate must tackle.

1. Commanding respect

In May, Obama said he would treat the country’s digital infrastructure as a strategic national asset. However, since then, some observers have questioned whether the new leader will have enough authority.

The first thing the new official has to do is figure out his or her job description, said Dale Meyerrose, former chief information officer at the Office of the Director of National Intelligence and now vice president and general manager of cyber programs at Harris.

Scott Borg, director and chief economist at the nonprofit U.S. Cyber Consequences Unit, said the biggest challenge for the new cybersecurity coordinator might be to convince people of the job’s importance.

“Over the last few years, we have seen a half-dozen so-called cyber czars resign in frustration,” Borg said. Because of that history, people will need to be shown why they should pay attention to another cybersecurity official.

2. Building relationships in government

The Obama administration’s 60-day review of cybersecurity policy, completed in April, found that the federal government isn’t properly organized for cybersecurity. Responsibilities are scattered across agencies, many of which have overlapping functions.

Rep. Michael McCaul (R-Texas), who is co-chairman of the House Cybersecurity Caucus and the influential Center for Strategic and International Studies's cybersecurity commission, said the first thing he would like to see the new official do is sit down with the leaders of the Homeland Security Department, National Security Agency and Defense Department to improve cybersecurity coordination.

James Lewis, who directs the CSIS commission and the organization’s Technology and Public Policy Program, said the coordinator must establish partnerships with other key White House offices, such as the Office of Management and Budget. He also said the official will need to convince Congress that the position isn’t simply ornamental.

Karen Evans, former administrator of e-government and information technology at OMB and now a partner at KE+T Partners, said the new official should make it a priority to develop relationships with the chief performance officer, chief technology officer and federal CIO. Strong relationships with agency CIOs will also be important, she said.

3. Creating a true public/private partnership

With the private sector owning and operating much of the country’s digital backbone and critical infrastructure, many observers believe bolstering the government’s relationship with the private sector is essential to improving cybersecurity.

For his part, Obama said his administration would “collaborate with industry to find technology solutions that ensure our security and promote prosperity.”

Amit Yoran, chief executive officer of network security company NetWitness and former director of DHS’ National Cybersecurity Division, said the coordinator should work to improve relationships with industry.

McCaul said that in the past, the private sector has been reluctant to share information with the federal government, and that culture needs to change.

4. Sorting out legal authorities while protecting civil liberties

Obama said his new cybersecurity office would include someone whose job was to safeguard the privacy and civil liberties of Americans.

“Our pursuit of cybersecurity will not — I repeat, will not — include monitoring private-sector networks or Internet traffic,” Obama said. “We will preserve and protect the personal privacy and civil liberties that we cherish as Americans.”

However, defining the roles that DHS, a civilian agency, and intelligence agencies will play remains contentious. Whatever the outcome, the cybersecurity office will need to address concerns about privacy and civil liberties.

5. Finding the correct focus, fast

Melissa Hathaway, who led the administration’s 60-day cybersecurity review, said the race to secure cyberspace was a marathon, not a sprint. Hathaway has since moved on, but the ambitious goals her review identified remain.

Meyerrose said the review resulted in more than 40 implied tasks that the cybersecurity coordinator must prioritize because he or she won’t be able to tackle them all at once or necessarily afford to address them all.

Lewis said the coordinator will need to initiate the process of drafting a new national strategy and show some quick successes to demonstrate his or her value.

About the Author

Ben Bain is a reporter for Federal Computer Week.

The 2015 Federal 100

Meet 100 women and men who are doing great things in federal IT.

Featured

  • Shutterstock image (by venimo): e-learning concept image, digital content and online webinar icons.

    Can MOOCs make the grade for federal training?

    Massive open online courses can offer specialized IT instruction on a flexible schedule and on the cheap. That may not always mesh with government's preference for structure and certification, however.

  • Shutterstock image (by edel): graduation cap and diploma.

    Cybersecurity: 6 schools with the right stuff

    The federal government craves more cybersecurity professionals. These six schools are helping meet that demand.

  • Rick Holgate

    Holgate to depart ATF

    Former ACT president will take a job with Gartner, follow his spouse to Vienna, Austria.

  • Are VA techies slacking off on Yammer?

    A new IG report cites security and productivity concerns associated with employees' use of the popular online collaboration tool.

  • Shutterstock image: digital fingerprint, cyber crime.

    Exclusive: The OPM breach details you haven't seen

    An official timeline of the Office of Personnel Management breach obtained by FCW pinpoints the hackers’ calibrated extraction of data, and the government's step-by-step response.

  • Stephen Warren

    Deputy CIO Warren exits VA

    The onetime acting CIO at Veterans Affairs will be taking over CIO duties at the Office of the Comptroller of the Currency.

  • Shutterstock image: monitoring factors of healthcare.

    DOD awards massive health records contract

    Leidos, Accenture and Cerner pull off an unexpected win of the multi-billion-dollar Defense Healthcare Management System Modernization contract, beating out the presumptive health-records leader.

  • Sweating the OPM data breach -- Illustration by Dragutin Cvijanovic

    Sweating the stolen data

    Millions of background-check records were compromised, OPM now says. Here's the jaw-dropping range of personal data that was exposed.

  • FCW magazine

    Let's talk about Alliant 2

    The General Services Administration is going to great lengths to gather feedback on its IT services GWAC. Will it make for a better acquisition vehicle?

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above