Who Should Be In Charge of Cybersecurity?

One element of unfinished business in 2009 is the appointment of a "cybersecurity czar". Candidate Barack Obama made a big deal out of the need for such a person and specifically promised to appoint one who would report directly to him:As President, I'll make cyber security the top priority that it should be in the 21st century. I'll declare our cyber-infrastructure a strategic asset, and appoint a National Cyber Advisor who will report directly to me. We'll coordinate efforts across the federal government, implement a truly national cyber-security policy, and tighten standards to secure information - from the networks that power the federal government, to the networks that you use in your personal lives.

The administration has essentially whiffed on this one. Experts, many of whom enthusiastically supported Obama in the campaign in no small part because of this issue, were disappointed at his actual proposals. The proposed Cybersecurity Coordinator position is not what the campaign promised; instead it reports to two separate Presidential advisors with different agendas and has no budgetary authority. Rumors over the last several months indicate that a long list of candidates have turned the position down, the latest being RSA President Art Coviello..

Marc Ambinder in the Atlantic recently discussed some of the reasons for the overall mess. He (continue reading...)