President Obama made a big splash some months back when he announced his intention to appoint a cyber-security czar whose mission would be to protect federal government systems from the seemingly constant hacking attacks that originate from discontented homegrown hackers and/or foreign governments who are less than friendly to the United States.
At that time, I pointed to the appalling lack of detail in the White House’s security plans, yet I hoped that someone would step up and start filling in the gaps. Sadly, that has not happened, as demonstrated by a recent Associated Press item.
Specifically, AP notes that in the six months since the announcement, the administration has struggled to find a suitable candidate who would be willing to take on this task. It seems that finding a person with the required political and technological skills, and a strong reputation in the technology community is very difficult.
Why should this be? According to AP, several experts who agreed to describe the private selection process on condition of anonymity said that National Security Adviser James Jones, National Economic Council Director Larry Summers and White House chief of staff Rahm Emanuel have conflicting views of the job.
Not good, yet not insurmountable. But there is more.
While industry executives say the job must be rooted in the White House in order to have any power, some in Congress worry that the job would be beyond their control, says AP.
Definitely a potential political quagmire, but again, is it really impossible? My gut tells me that there is something else that is scaring away qualified candidates like a great white shark in the local swimming pool.
While the organizational and political problems are all too real, it is also obvious that taking the cybersecurity czar job is a lose-lose situation. That is because whoever takes on this role will be charged with completely protecting federal systems from dangerous intrusions—a task that is virtually impossible in today’s interconnected world.
To those of us who are familiar with technology, the above facts are no surprise. Illegal intrusions into federal systems, including those at the Pentagon, have been widely publicized. The bad guys have been a step ahead of the good guys in the cyber-wars for years now, and many experts privately admit that while we may win some battles and lessen the tide of cyber-crime, the overall war will drag on.
The problem is that the President has, with bombastic rhetoric, made this a test of his effectiveness, apparently without anyone advising him about the realities of cyber-crime. The other problem is that since the White House’s cybersecurity plan contains little detail, no one really knows what will constitute good performance in the czar’s job. If you’re a security expert, why volunteer to be the scapegoat for a promise that can never be kept? And why pick up that football when you can’t find the goalposts, much less the end zone?
I’m sure all this and more occurred to Melissa Hathaway when she resigned from her role as acting senior director for cyberspace at the National Security Council just a couple of weeks ago. Others who have been wooed for this spot are doubtlessly aware of the same pitfalls.
Signing on to fight the war against cyber-crime is one thing. Signing up to fulfill a politician’s unrealistic expectations is another, because any failure—and who really knows what constitutes failure here?—will be pinned to the chest of the unfortunate individual who takes the czar’s post.
It would have been a different story if the President had presented a realistic picture of the threat we face, and the extent to which we can be effective against it. As it is, however, the cybersecurity czar position has turned into the hottest of potatoes—and no one wants to get burned.
Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant and a longtime observer of technology in insurance and financial services. He can be reached at firstname.lastname@example.org.
The opinions posted in this blog do not necessarily reflect those of Insurance Networking News or SourceMedia.
Register or login for access to this item and much more
All Digital Insurance content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access