Collins opposes White House cyber czar
Maine Republican says DHS should get more cybersecurity resources
Sen. Susan Collins (R-Maine), the top-ranking Republican on the Homeland Security and Governmental Affairs Committee, today argued against establishing a new cybersecurity coordinator position at the White House.
Rather than have a new White House “cyber czar” oversee cybersecurity efforts, the Homeland Security Department should be given greater resources and authority to secure civilian networks, Collins said during a speech in Washington. She called for establishing a cybersecurity center at DHS with a “strong and empowered leader” who would also serve as principal cybersecurity adviser to the president.
Under the government's overall computer security strategy, DHS is responsible for protecting the federal government’s civilian .gov domain and working with industry on cybersecurity efforts.
“Truly securing our information technology infrastructure will require more than just high-level strategy and coordination,” Collins said. “In short, effectively managing government cybersecurity is going to require more than a few staff crammed into a cubicle in the depths of the White House.”
Collins’s opposition to a White House cybersecurity coordinator puts her at odds with President Barack Obama, who promised in May to appoint a yet-to-be named official to coordinate the government’s cybersecurity efforts.
“We don’t need yet another White House czar,” Collins said at a conference hosted by George Washington University’s Homeland Security Policy Institute and the Intelligence and National Security Alliance professional association.
Her stance also differs from that of Sen. Joseph Lieberman (I-Conn.), chairman of the Homeland Security and Governmental Affairs Committee.
Lieberman said Oct. 30 that he favored having a cybersecurity coordinator at the White House, a position that would require Senate confirmation. He said he plans to introduce cybersecurity legislation that would include the establishment of the position. His office said he expects to introduce that legislation with Collins later this year.
Meanwhile, Collins said the director of DHS’s cybersecurity center should report directly to the head of the department on day-to-day operations while also serving as principal cybersecurity adviser to the president.
Collins said in her plan the White House’s National Security Council would still play an important coordinating role in cybersecurity efforts, but a so-called cyber czar wasn’t required. She also said that although intelligence agencies have enormous resources, they shouldn’t take the lead in protecting civilian IT systems because of privacy and civil liberties concerns.
Collins said the director of DHS’ cybersecurity center would:
- Help enforce compliance with cybersecurity standards produced by the Office of Management and Budget and the National Institute of Standards and Technology.
- Recommend security measures to agencies and require agencies to explain actions taken to meet those recommendations.
- Coordinate information sharing on cyber threats and vulnerabilities governmentwide.
- Work with NIST to prioritize the development of standards and performance metrics.
- Issue warnings about cyber vulnerabilities.
- Work with civilian agencies to establish personnel security assurance policies.
- Develop a supply chain risk management strategy.
- Be the central point of access for small and midsize businesses on cybersecurity.
- Have the power to directly deal with threats to critical infrastructure.
Ben Bain is a reporter for Federal Computer Week.