Rescinding my applause for Chertoff
U.S. Rep. Zoe Lofgren says the unfilled job of cyberczar--one year after it became vacant--points to a much bigger problem.
At the time, I applauded Chertoff for recognizing the necessity of this position to better protect our nation's cyberinfrastructure from attacks by hackers, criminals and terrorists.
Today, I would like to take back my applause. For the entire year since its creation, this position has remained unfilled. Consequently, our cyberinfrastructure continues to be at risk. Homeland Security and President Bush have shown that cybersecurity is not a priority in our nation's defense. We have the capability to prevent a devastating attack on our technological infrastructure, but very little has been done and our country remains extremely vulnerable.
Rep. Mac Thornberry, R-Texas, and I originally proposed the creation of an assistant secretary for cybersecurity within Homeland Security during the 108th Congress, when we served together as chairman and ranking member of the Homeland Security Subcommittee on Cybersecurity (a committee that was later abolished, again showing the lack of attention to this crucial issue).
This legislation had strong support from the business, technology, academic and financial sectors, and was approved by the House of Representatives as part of HR 10, the House-passed version of the 2004 Intelligence Reform Bill.
Because this provision was not included in the final intelligence reform legislation, Thornberry and I reintroduced the bill in January 2005 and passed it out of our subcommittee again that spring. When Chertoff announced the creation of an assistant secretary for cybersecurity last summer, I thought the ball would begin to roll. I was wrong.
Quite simply, our nation has been without adequate leadership on cybersecurity since Howard Schmidt resigned the cybersecurity czar position in 2003. Since then, the top spot dedicated to cybersecurity has been a "directorship" buried within the bureaucracy of Homeland Security.
The first and only person permanently named to the position, Amit Yoran, lasted a year to the day, resigning in September 2004 out of frustration. Since then, Homeland Security has contracted out the position to an acting director who is being paid $577,000 under a two-year contract. That is almost a quarter million more than Chertoff is being paid as the top official at the department. Meanwhile, cyberspace remains vulnerable.
We need someone at the assistant secretary level to better coordinate with Chertoff, as well as with officials throughout the department, other federal agencies and the private sector. The fact that the assistant secretary for cybersecurity has remained vacant since its creation reflects the larger failures of the entire Department of Homeland Security.
I am still trying to spur the administration to fill the cybersecurity position. In the latest FEMA (Federal Emergency Management Agency) restructuring bill that passed out of the House Homeland Security Committee this spring, I added in a clause that would require the president to nominate an assistant secretary for cybersecurity within 90 days of the law becoming effective. In reality, this position should be one the Bush administration is eager to fill, not forced to. And we don't need another political hack or "Brownie," which sadly seems to be the natural instinct of the Bush administration when filling key Homeland Security roles.
Because all of us in our daily lives depend on the reliability of hundreds of computer networks, it's obvious that we should protect those networks from attacks by criminals or terrorists. Just this week, it was reported that the information systems used at the U.S. State Department headquarters and the China- and North Korea-related offices were hacked, causing damage and concern. It is clear why it should be so important for our government to devote the proper amount of attention to cybersecurity.
Filling the position of assistant secretary for cybersecurity is the beginning, not the end, of protecting our nation's cyberinfrastructure. Once we finally have a person in charge, he or she will then have to tackle a department riddled with incompetence and a cyberdivision that has no direction or leadership. On the one-year anniversary of Chertoff's announcement, I am extremely disappointed but unfortunately not surprised that Homeland Security has yet to begin such a critical task.