Tech Industry

Feds eye new cybersecurity post

Congress may try to fix the turnover in cybersecurity leaders by giving the position more weight.

For the last few years, it hasn't always been clear who in the U.S. government is responsible for overseeing national "cybersecurity" efforts--and how long that person will stick around.

First there was Richard Clarke, a veteran of the Clinton and first Bush administrations who left the post with a lucrative book deal. Clarke effectively was succeeded in quick succession by Howard Schmidt, known for testifying in favor of the Communications Decency Act, then Amit Yoran and Robert Liscouski.

Now Congress may try to quell some of the turmoil over at the Department of Homeland Security by creating a more prestigious post. On Tuesday, the House of Representatives is scheduled to begin deliberating a proposal for an assistant secretary for cybersecurity.

The position, long a favorite of congressional security hawks, would require an appointment by the president and confirmation by Congress. Whoever fills it will be responsible for coordinating with other federal agencies, some of which have had spotty records in the past.

In a recent interview with CNET, Rep. Chris Cox, a California Republican, said today's cybersecurity post needs a promotion. "That's of course something that we have been pushing hard for in the Homeland Security committee over the last two years, elevating the profile of cyber inside the Department of Homeland Security and inside the federal government."

According to the House bill, the assistant secretary would be charged with creating a "national cybersecurity response system" that would evaluate U.S. critical infrastructure and "aid in the detection and warning of attacks" on it.

Currently the department's chief cybersecurity official is a low-to-mid-level official who is two levels of bureaucracy removed from Secretary Michael Chertoff. An assistant secretary would have more access to Chertoff.

The assistant secretary proposal is part of a broader homeland security bill for the 2006 fiscal year. It also requires the department to establish a National Terrorism Exercise Program to "prevent" and "recover from" terrorist acts, including cybersecurity breaches.