What the heck is going on? Melissa Hathaway resigns as the White House's acting cybersecurity czar
on Monday and today, only four days later, Mischel Kwon resigns as Director of
US-CERT.
As I noted in SANS NewsBites today, http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=62
this new resignation is regrettable
because it appears that the momentum many of us thought was building in the
federal government to prioritize cybersecurity may be waning. While there was a lot of initial
fanfare in mid-February with Ms. Hathaway being assigned to conduct a 60-day
review of cybersecurity in the federal government, rumors of political
interference were already beginning when the report wasn't released until the
end of May. It was then expected
that the president would name a Cybersecurity Chief with the release of the
"Cyberspace Policy Review" report http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf
but that didn't happen and now here we are, another 60+ days down the road with
no apparent movement.
There has
been a lot of turmoil over the past few years in the cybersecurity community at
the Federal level with among others, Amit Yoran, Greg Garcia, Rod Beckstrom,
and now Ms. Hathaway and Ms. Kwon moving on. Mischel is the 4th
Direct of US-CERT in the past five years!
These are all good
people and the list of those rumored to have turned down the new cybersecurity
chief job is equally impressive.
Why is the
federal government having such a hard time with cybersecurity leadership? Is the job not defined well enough? To many masters to serve? No authority over funding? Probably a little of each. Another reason might be that you can't just
sprinkle pixie-dust on someone and make them a cybersecurity expert and on the
other hand, most cybersecurity people are better at understanding technology
than politics. Whatever the reason, it's starting to look
like more business as usual in Washington.
Leave a comment