Secretary Napolitano’s speech at Tuesday’s Global Cyber Security Conference emphasized the Department’s commitment to cyber security as one of President Obama’s national priorities. However, it didn’t any provide any clarification of DHS’ role or how DHS will work with DoD, federal agencies and the private sector to achieve the strategy’s objectives and who will lead the charge.
When the Department was created in 2003, cyber and physical security responsibilities were aligned to ensure that infrastructure protection efforts, intelligence and investment would not be stovepiped. We recognized that physical protection of critical infrastructure could not be effective without the inclusion and coordination of cyber security efforts — putting up fences without protecting networks merely provided a perception of security, not effective security.
The desire to create a Cyber Czar not only is delaying the pursuit of the President’s priorities; it is creating an artificial separation of the physical and cyber world when the industry and the market are clearly moving toward convergence of the two domains.
Secretary Napolitano recently recruited Phil Reitinger, a proven and experienced leader with private sector and government experience to be Deputy Undersecretary for Cyber in the National Protection Programs Directorate –- the same one responsible for Infrastructure Protection. Cyber security doesn’t need a czar; it needs a leader who can work with other departments, agencies and the private sector to quickly achieve the President’s goal.
The Comprehensive National Cybersecurity Strategy has set the strategic direction. The National Infrastructure Protection Plan provides an effective framework, and the Department of Homeland Security (with its federal and DoD partners) has the mission to implement the strategy. We’re eight months into this administration. Let’s stop talking, and let’s start doing.