Rod Beckstrom resigned last Friday from his post as Director of the National Cyber Security Center (NCSC) at the Department of Homeland Security after less than one year in the role. Citing a lack of resources and support, it's reported that Beckstrom's NCSC, which is responsible for coordinating the government's response to cybersecurity threats, received less than $500,000 in funding for the past year. I know; you know; and the government knows that $500K isn't going to go very far in addressing these big issues so if true, why are the expectations so low? Perhaps the most compelling comment from his resignation letter though is how having NSA playing a significant role in the nation's cybersecurity was "bad strategy." http://www.networkworld.com/news/2009/030909-beckstrom-resignes-ncsc.html
Mr. Beckstrom's announcement has led to some interesting discussions http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9129429&instrc=news_ts_head about whether or not NSA should in fact be playing a lead role in the nation's cybersecurity mission at all. While the technical expertise that resides within NSA is beyond question, in an era of transparency in government, the issue may have some validity when you look at the historically closed environment of NSA. On the other hand, the national cybersecurity agenda hasn't really made any great strides residing within DHS in the past few years so maybe that isn't a good fit either. While NSA has received some less than positive press as a "spy agency" over the years, Information Assurance, with a focus on vulnerability and threat analysis, is one of their core missions.
So I suppose the real question is that if a national cybersecurity initiative is truly a national priority, where should the organization directing it live? Do you think vesting NSA with a leadership role in the nation's cybersecurity effort is the right choice and if not at NSA, where should it be?
Mark
Great to see that you are blogging and that there is now another source to clean your valuable insights from.
Looking at this debate from here in Ireland I have to admit that I am jealous that you have the problem to debate who should be responsible for cybersecurity in your country. Some day I hope that we can have the same problem here
He is the last in a long line of folks that have left DHS because of lack of control over real budgets (not to mention all the folks that turned the job down) but his attack on the Intell Community is a shot across the bow. That comment flies in the face of Hathaway’s comments that classified capabilities need to be leveraged in the unclass world.
Mark, Great job as usual! I'll be hitting this Blog routinely.
Having worked with/for and consulted to all these agencies and DOD Departments over the past 20+ years in all forms of IT/Cyber Security, I have to agree with you, Mike McConnell and others. We need this central Cyber Security Center/Office and control, bringing all National, Federal, Local and even Tribal resources together, constantly working the threats, responses and defenses of our National and Coalition Security and interest. This has been tried at several agencies and departments over the years, and even though they have worked hard to make it work, they have not done well due to Policy and Political Lines and business charters. And while the NSA is the most qualified in most aspects of this business, they have a lot to do in their own core business. They need to establish an impartial office to lead this effort. One that can break down barriers and get to the Cyber Security business at hand.
I spend a good portion of my time sharing my experiences and knowledge and the IT/Cyber Security threats and responses that I receive from others, across a wide list of National, Federal, State and local Government IT/Cyber Security personnel where "the rubber meets the road". We need to break down the barriers that we have and do this on a National and Coalition Level.
Last but not least, we dump billions of dollars into IT contracts and equipment every year, and not even a fifth of that into the Cyber Security side. We need to match that type of funding for our Central Cyber Security Office/Department where ever it is. $500,000.00 just won't meet the ticket for providing what this nation needs, besides the fact that it would only pay for 2 1/2 man-year of contractors support.
Over the last couple years there seems to have been a number of resignations around this and similar positions. The reasons stated tend to be around authority and funding. I've blogged a couple times about this myself:
http://blog.imperva.com/2009/01/all-the-responsibility-and-non.html
http://blog.imperva.com/2009/03/director-of-the-national-cyber.html