House bill boosts DHS CIO, security positions
- By Brian Robinson
- Jul 21, 2006
The Homeland Security Department’s chief information and chief security officers could move up the management chain if Congress passes the DHS fiscal 2007 authorization bill as the House Homeland Security Committee passed it this week.
Under the bill, the CIO and chief security officer will become members of a cadre of DHS chief operating officers with direct control over the budgets, workforce and operations of various DHS agencies.
Department leaders have been under pressure for a number of years to create a single infrastructure to improve communications and share information; an effective CIO is considered critical for that.
Up to now, the DHS CIO has been seen as an emperor with no clothes and little empire. In a report late last year, DHS’ inspector general said the CIO was not positioned to integrate information technology at the department, and as a result, DHS was still missing critical components in its integration plan.
“Despite federal laws and requirements, the CIO is not a member of the senior management team with authority to strategically manage departmentwide technology assets and programs,” Richard Skinner, DHS’ IG, wrote.
The security of DHS’ IT security and overall national cybersecurity has also come under fire. In his report, Skinner pointed out that the DHS CIO was required to implement a departmentwide information security program under the Federal Information Security Management Act.
More recently, the DHS has also been criticized for failing to fill its assistant secretary for cybersecurity and telecommunications position, which was created in July 2005.
Paul Kurtz, executive director of the Cyber Security Industry Alliance, said that was an indication of the ongoing lack of attention being paid to cybersecurity at the highest levels of government.
Under the authorization bill, the assistant secretary is directed to work with the CIO to establish a secure DHS information-sharing architecture and processes, and to establish and manage a national cybersecurity response system.
Brian Robinson is a freelance writer based in Portland, Ore.