Perspective: Thumb twiddling on cybersecurity

Threats and vulnerabilities to our global computer networks and systems are growing faster than we can address them.

Malicious code--viruses and worms--is being created to exploit software flaws within days, when only a year ago it would have taken months for such code to appear. Our water supply, electric grid, nuclear energy system and other critical infrastructures are interconnected and interdependent, increasing the likelihood that a cyberattack could disrupt major services and cripple economic activity.

The government cannot be naive in its approach and must recognize the unique and cross-cutting nature of the cyberworld.

Indeed, if a cyberattack occurred at the same time as a physical attack, critical emergency response systems and communications operations could be taken out, increasing the confusion of an attack, and the number of casualties.

When the Department of Homeland Security was created, the president eliminated the position of senior advisor to the president on cybersecurity and delegated its responsibilities to the new department. For months, the department failed to assume this responsibility and did little on cybersecurity.

It was only after the private sector and technology companies told the government that it needed to provide leadership that the Department of Homeland Security created the National Cyber Security Division, an entity buried deep within the agency. Because the director of this division does not have a direct line to the president or to the secretary of homeland security, his or her effectiveness is limited.

Amit Yoran was hired to be the Director of the NCSD. He lasted in this position for only a year--largely because of the serious structural problems within the Department of Homeland Security.

It is unfortunate that the Department of Homeland Security has failed to realize the importance of elevating the cybersecurity czar's position.

As the ranking member of the congressional Subcommittee on Cybersecurity, Science, and Research & Development, I have had the opportunity to see up close the need to strengthen our country's cybersecurity. With Congressman Mac Thornberry, R-Texas, the chairman of the subcommittee, I have worked hard to address this issue.

We recently introduced bipartisan legislation in the House of Representatives to create an assistant secretary of cybersecurity within the Department of Homeland Security, legislation that later passed in the House of Representatives as a part of the 9/11 Recommendations Implementation Act. We are optimistic that this provision will survive the conference with the Senate and remain in the final version of the act.

If enacted, the creation of the assistant secretary position will elevate cybersecurity to a level that can coordinate with senior Department of Homeland Security personnel, other agencies and the private sector in a meaningful way. While it is true that the government must not develop plans for physical security and cybersecurity in a vacuum, it is equally true that the government cannot be naive in its approach and must recognize the unique and crosscutting nature of the cyberworld.

Digital agenda
Homeland security

How confusion and politics
are putting us at risk.

The assistant secretary of cybersecurity would sit next to an assistant secretary who deals with physical infrastructure protection. By creating this position, we can ensure that we are prepared for attacks on both our cyber and physical structures. Under the current structure, the Department of Homeland Security is simply not getting the job done.

On Oct. 13, The Washington Post reported that Secretary of Homeland Security Tom Ridge said the role of overseeing computer security and the Internet should have a higher profile in the Department of Homeland Security.

More specifically, he said a position of assistant secretary to be responsible for both cyber and telecommunications security would be created. Shortly after he made this statement, Homeland Security Spokesman Brian Roehrkasse clarified Ridge's statement. He said Ridge had misspoken and that the position would in fact be a deputy assistant secretary position.

That is simply just not good enough; a deputy assistant secretary position would only enhance the hierarchy and red tape within the department. It is unfortunate that the Department of Homeland Security has failed to realize the importance of elevating this position.

Securing our networks must be a priority in our country's overall homeland security strategy. It does not appear to be a priority for the Department of Homeland Security, as demonstrated by its outsourcing of our government's top cybersecurity position. Too much time has been wasted. We cannot wait for an "electronic 9/11" to happen before the Department of Homeland Security focuses its attention on preparing for and responding to threats to our computer networks.

Biography
Rep. Zoe Lofgren is the ranking member of the ranking member of the House of Representatives' Subcommittee on Cybersecurity, Science, and Research & Development.

More Perspectives

[ordaj]

We have to ask why...

Why would the administration not elevate the position to an Assistant Secretary? Who benefits?

[ordaj]

We have to ask why...

Why would the administration not elevate the position to an Assistant Secretary? Who benefits?

first knowing what not to do

most people i know here in the south are haveing a hard time finding a job that pays enought to make ends meet they dont worry about innernet they just need jobs

Worry.

If someone knocks out the phone system, or internet, or any number of other communications systems with a hack or worm or virus... and there's an emergency THEN you'll care about the "innernet".

first knowing what not to do

most people i know here in the south are haveing a hard time finding a job that pays enought to make ends meet they dont worry about innernet they just need jobs

Worry.

If someone knocks out the phone system, or internet, or any number of other communications systems with a hack or worm or virus... and there's an emergency THEN you'll care about the "innernet".

[Catgic]

We have met the enemy...and he is us.

A good article, even with San Jose, CA Rep. Lofgrens very thinly veiled electioneering jabs at the incumbent administration. It should get her a few more votes in S.J.

Rep. Lofgren is preaching to the choir. We knowz&she knowz&now time to go fix.

My old friend Pogo of Okefenokee used to say, We have met the enemy...and he is us.

As the Zoe-ster herself said in the article, she is ranking member of the congressional Subcommittee on Cybersecurity, Science, and Research & Development.

Listen to Oprah. Get with the program, girl&youre in charge. Why are you sitting and Thumb twiddling on cybersecurity? Work hard to fix cybersecurity, not just address it.

[Catgic]

We have met the enemy...and he is us.

A good article, even with San Jose, CA Rep. Lofgrens very thinly veiled electioneering jabs at the incumbent administration. It should get her a few more votes in S.J.

Rep. Lofgren is preaching to the choir. We knowz&she knowz&now time to go fix.

My old friend Pogo of Okefenokee used to say, We have met the enemy...and he is us.

As the Zoe-ster herself said in the article, she is ranking member of the congressional Subcommittee on Cybersecurity, Science, and Research & Development.

Listen to Oprah. Get with the program, girl&youre in charge. Why are you sitting and Thumb twiddling on cybersecurity? Work hard to fix cybersecurity, not just address it.

Computer illiterate bureaucrats

It is difficult to get proper perspective regarding the internet (email, web) without having watched it deteriorate at a steady and accelerating rate over the years.

It is getting worse and is dangerous. It is truly not a place for the young, the old, the inexperienced or the naive.

The Washington bureaucrats have no clue, probably based on their lack of hands-on experience (they will say they have more important matters) as to the size and potential for harm that is developing before our eyes.

Computer illiterate bureaucrats

It is difficult to get proper perspective regarding the internet (email, web) without having watched it deteriorate at a steady and accelerating rate over the years.

It is getting worse and is dangerous. It is truly not a place for the young, the old, the inexperienced or the naive.

The Washington bureaucrats have no clue, probably based on their lack of hands-on experience (they will say they have more important matters) as to the size and potential for harm that is developing before our eyes.