Viewpoint: Cybersecurity czar might be overloaded

The challenge of securing government networks from cyber attacks is so large that one person at the White House shouldn't be expected to act as the operational leader of cybersecurity efforts and should instead be a coordinator, an expert said today.

James Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies, said the cybersecurity chief should ensure that all federal agencies are moving in the same direction. Lewis made his remarks at the Digital Government Institute’s Cyber Security Conference and Expo in Washington.

“The problem is, if you have a czar that is going to try and run everything from the White House, it won't work; he or she will be overloaded,” he said. Instead, the cybersecurity coordinator should set policies and ensure that agencies carry out those policies.

Although officials are considering establishing such a role, some White House offices don't want to give up their share of control over cybersecurity, Lewis said. When President Barack Obama took office, 14 White House offices thought they were in charge of cybersecurity, he added.

For example, the Office of Science and Technology Policy has the legal authority to secure telecommunications networks. “It is very old authority, and they don’t want to give it up,” he said.

As new functions were identified, jobs were given to other offices. “Now we are going to have to clean up the mess that grew over time,” he added.

While the cleanup takes place, agencies can do a lot on their own to secure their networks and data, he said, adding that basic security measures can eliminate about 80 percent of existing vulnerabilities.

Using secure network configurations, installing software patches and consolidating connections to the Internet can vastly improve agencies’ security profile, Lewis said.

“Agencies need to grab that low-hanging fruit where they have the power to do so, or identify where they don’t have the power and then start saying, 'I need it,'” he said. “If you focus on that, you can make the target much harder for the people who are coming at you.”

About the Author

Doug Beizer is a staff writer for Washington Technology.

Reader Comments

Thu, May 7, 2009 Richard California

Doug: Great article. However, government legacy systems will remain, if history tells us anything. I once did a project for the White House. While the head of IRMD and others of his staff were all on board, the 70+ special assistants to the President all had their own veto power that prevented us from providing true data security. To fix the problem you must cut certain departments and staff. That just won't happen! We still fund and store gas reserves for our fleet of dirigibles that were phased out after WWII! We have spent millions of dollars on our mothball fleet of worthless warships in California and it goes on. Kill a program and you kill jobs and then they want to kill you!

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • POWER TRAINING: How to engage your customers

    Don't miss our June 7 Washington Technology Power Training session on Mastering Stakeholder Engagement, where you'll learned the critical skills you need to more fully connect with your customers and win more business. Read More

  • PROJECT 38 PODCAST

    In our latest Project 38 Podcast, editor Nick Wakeman and senior staff writer Ross Wilkers discuss the major news events so far in 2019 and what major trends are on the horizon. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.