DHS responds to congressional criticism of Charbo promotion

Homeland Security Secretary Michael Chertoff has responded to congressional criticism over his decision to promote Scott Charbo by outlining five of the former chief information officer's accomplishments. In a letter to Rep. Bennie Thompson (D-Miss.), chairman of the Homeland Security Committee, Chertoff said Charbo has an outstanding record and he is “grateful to Mr. Charbo for his leadership” in cybersecurity. On Feb. 1, DHS promoted Charbo to deputy undersecretary for the National Protection and Programs Directorate, where he will help oversee the governmentwide cybersecurity effort, including the Trusted Internet Connections initiative. After the decision became public, Thompson immediately criticized the promotion and expressed his dissatisfaction with Charbo’s record and effort in securing DHS' networks. Chertoff responded by expressing his support for Charbo and giving the reasons for the promotion. “Scott Charbo brings to this position invaluable management skills he developed not only during his tenure as Chief Information Officer (CIO), but also as Acting Under Secretary for Management,” Chertoff wrote. “It is misleading to castigate the CIO for all of the department's network vulnerabilities, especially given the size and scope of our networks, the persistent legacy of decentralized network controls, and the fact that our networks are under constant attack. Through Mr. Charbo's leadership, the department continues to gain positive improvement of direct control over its diverse networks.” Chertoff said under Charbo’s leadership DHS has “taken great strides to institutionalize rigorous network security and data and privacy protection programs.” Among Charbo’s accomplishments that Chertoff highlights include: • Consolidating 22 agency networks into the OneNet. • Improving the percentage of its 611 systems that are certified and accredited to 88 percent from 26 percent in 2005. • Issuing a detailed concept of operations in 2007 that provides enterprisewide guidance for information technology security operations. • Strengthening the plan of action and milestones program that tracks security guidelines compliance. • Implementing enterprisewide IT security training. “He leads by example and expertise and stays focused on our most important IT and management issues,” Chertoff wrote. “I look forward to the positive impact he will have on securing the homeland in his new position. His strong leadership abilities will help to improve the capabilities of NPPD.”