Expert: White House needs cybersecurity coordinator

The challenge of securing government networks from cyber attacks is so large that one person at the White House shouldn't be expected to act as the operational leader of cybersecurity efforts and should instead be a coordinator, an expert said today.

James Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies, said the cybersecurity chief should ensure that all federal agencies are moving in the same direction. Lewis made his remarks at the Digital Government Institute’s Cyber Security Conference and Expo in Washington.

“The problem is, if you have a czar that is going to try and run everything from the White House, it won't work; he or she will be overloaded,” he said. Instead, the cybersecurity coordinator should set policies and ensure that agencies carry out those policies.

Although officials are considering establishing such a role, some White House offices don't want to give up their share of control over cybersecurity, Lewis said. When President Barack Obama took office, 14 White House offices thought they were in charge of cybersecurity, he added.

For example, the Office of Science and Technology Policy has the legal authority to secure telecommunications networks. “It is very old authority, and they don’t want to give it up,” he said.

As new functions were identified, jobs were given to other offices. “Now we are going to have to clean up the mess that grew over time,” he added.

While the cleanup takes place, agencies can do a lot on their own to secure their networks and data, he said, adding that basic security measures can eliminate about 80 percent of existing vulnerabilities.

Using secure network configurations, installing software patches and consolidating connections to the Internet can vastly improve agencies’ security profile, Lewis said.

“Agencies need to grab that low-hanging fruit where they have the power to do so, or identify where they don’t have the power and then start saying, 'I need it,'” he said. “If you focus on that, you can make the target much harder for the people who are coming at you.”

About the Author

Doug Beizer is a staff writer for Federal Computer Week.

Featured

  • Image: Shutterstock

    COVID, black swans and gray rhinos

    Steven Kelman suggests we should spend more time planning for the known risks on the horizon.

  • IT Modernization
    businessman dragging old computer monitor (Ollyy/Shutterstock.com)

    Pro-bono technologists look to help cash-strapped states struggling with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help.

Stay Connected