Jeb Bush plans to hold government IT managers accountable
- By Sean Lyngaas
- Jan 12, 2016
The former Florida governor has plans to hold federal IT managers accountable for breaches that take place on their networks.
Federal IT made an unlikely appearance in the Republican presidential campaign this week, as former Florida Gov. Jeb Bush called for the government to bolster its cyber defenses by holding negligent agency chiefs and "poorly performing IT managers" accountable.
"If it is to lead the way in addressing these threats, the federal government must put its own house in order, prioritizing to reflect the urgency and importance of protecting key databases and communications," Bush wrote in a Jan. 12 op-ed for Business Insider.
If elected president, Bush pledged to give the private sector current threat information and "a legal framework that better allows it to defend itself." That last line could be broaching the gray area of "hacking back," when hacked firms go on the offensive. It is a move the Obama administration has hitherto discouraged, and is for the most part illegal under current law.
Bush, a onetime leading candidate who has since faded in the polls, has been outspoken on cybersecurity issues. His pronouncements on the subject include a call for federal agencies and boardrooms to prioritize cybersecurity, and for increased resources for the FBI to fight cybercrime. He has also characterized the unaddressed security vulnerabilities that led to the hack of the Office of Personnel Management "emblematic of the cultural failure of the Obama administration to take these threats seriously."
Bush’s op-ed proposed a proactive approach to cyber-threat detection by regularly scanning networks and sharing threat signatures. The Obama administration is taking those steps via programs such as Continuous Diagnostics and Mitigation, and the Einstein intrusion-detection and blocking system.
Bush described the recently passed cybersecurity information-sharing legislation "a step forward, but more needs to be done."
He also agreed with the administration’s decision to negotiate a cyber accord with China, but cited evidence that Beijing had already violated it. Enforcing such agreements requires a willingness to "impose meaningful consequences," Bush wrote.
Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.
Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.
Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.