Elevating the bureaucratic status of cyber security at the Department of
Homeland Security (DHS) is part of DHS Secretary Michael Chertoff’s sweeping
reforms announced Wednesday.
Currently, cyber security is coordinated at DHS by the director of the
National Cyber Security Division, which resides in the department’s
Infrastructure Protection Directorate. The technology industry has long
complained cyber security deserves equal billing with physical security.
Under Chertoff’s plan, a new Assistant Secretary for Cyber security and
Telecommunications will be responsible for identifying and assessing the
vulnerability of critical telecommunications infrastructure and assets.
In addition, the new office will be charged with providing “timely,
actionable and valuable” threat information and leading the national
response to cyber and telecommunications attacks.
Chertoff also called for increased information sharing as one of six DHS
reorganization priorities. The other priorities include preparedness, border
security, transportation security, department management and adjustments to
better meet DHS’ homeland security mission.
“The ability to share information with our state and local partners, the
private sector, law enforcement and first responders is absolutely critical
to our success,” Chertoff said. “Otherwise, we are effectively tying the
hands of those who are on the ground and charged with the responsibility of
protecting their community, their neighbors and their families.”
Chertoff promised to invite “every state homeland security advisor and every
state emergency management coordinator” to Washington for working sessions
to discuss information exchange protocols and other topics of mutual concern.
“We recognize the need for better and more inclusive information sharing.
Information sharing is a two-way street,” he added.
But it was Chertoff’s call for greater cyber security awareness at the DHS
that drew floods of praise and statements from the technology industry.
Robert Holleyman of the Business Software Alliance called Chertoff’s plan
“much needed” and “innovative.”
“The plan unveiled by [DHS] serves as a profound step in the right
direction, specifically through the establishment of new senior positions
with responsibility over cyber security and critical infrastructure
protection,” Holleyman said.
Harris Miller, president of the Information Technology Association of
America (ITAA), said Chertoff’s cyber security reorganization plan was
“terrific news.”
“ITAA has called for the creation of a cyber security czar for more than five
years. We think the challenges of cyber security are special and different,
and we are gratified?Chertoff shares that view,” he said. “We also believe
that focusing the job on cyber security and telecommunications makes good
sense given the on-going convergence of IT and telecommunications.”
Miller said special challenges justify elevating the role of cyber security
at DHS, including managing a national cyber response system and a national
program to reduce cyber security threats and vulnerabilities.
“The nation’s critical infrastructures, including water, chemicals,
transportation, energy, financial services, health care and others, rely
significantly on computer networks to deliver the services that maintain our
safety and national economy,” Miller said.
“It therefore is incumbent on the
owners and operators of those critical infrastructures to manage
improvements in the security of their information systems and to have a
senior individual within the government?who can coordinate collaborative
efforts across critical infrastructure sectors and with state and local
governments.”