Home > Uncategorized > President Obama’s First 100 Days: A Cybersecurity Report Card

President Obama’s First 100 Days: A Cybersecurity Report Card

How well President Obama has done in his first 100 days in office is currently a very hot and controversial topic. So-called political experts have come up with a wide spectrum of opinions ranging from judging him to be the best President the US has had in a half century to those that deem him to be little more than a spending-crazed liberal. Although one’s evaluation of the President is likely to be shaped more by political ideology than anything else, certain issues on which Obama should be evaluated have little to do with ideology. Cybersecurity is one of these issues.

No matter what your political persuasion is, it is hard to deny that the new President has shown initiative like few before him. For example, he assumed the US Presidency on January 20 of this year. Within a day, his Web site announced a six-pronged strategy for improving cybersecurity. This strategy, which dovetails very closely with the recommendations in “Securing Cyberspace for the 44th Presidency,” calls for measures such as increasing funding for security-related research and development, more collaboration between the government and the commercial arena to create new (and hopefully better) standards, and appointing a security tsar who reports directly to the President.

Most of the cybersecurity initiatives that the President announced are not doable overnight. Consider the arduous task of trying to increase collaboration with private industry, much of which wants to stay as far away from the federal government’s attention as possible. But one thing the President can accomplish quickly is to appoint a US cybersecurity tsar. The fact that this person will report directly to him is at least one demonstration of a higher commitment to cybersecurity than in any other administration. President Obama’s having appointed Melissa Hathaway as cyber coordination executive for the Office of the Director of National Intelligence (ODNI) appears to make her the leading candidate for the tsar post. I have mixed feelings about Hathaway’s possible appointment to this position. On the good side, she was instrumental in formulating the previous administration’s Comprehensive National Cybersecurity Initiative (CNCI). She is also director of the Joint Interagency Cyber Joint Task Force. On the other hand, she can by no means be considered to be an information security professional; I doubt whether she could name even one of the Generally Accepted Information Security Principles (GAISP) that professionals widely embrace. I hate to see the opportunity to have a person placed at such a high level within an administration for the first time when the individual does not have prerequisite information security knowledge and skills. Contrawise, we’ve already lamentably seen what happens when someone from industry with little experience in Washington is appointed to some kind of information security chief post within the government. At least Hathaway has years of service in Washington behind her.

The bottom line is that it is difficult if not impossible to assign a grade to President Obama for his first 100 days in office as far as the cybersecurity side of his job goes. He has shown tremendous initiative in this area and seems genuinely motivated to solve the government’s long-standing problems in this arena. But I would also very closely watch who he appoints to the cybersecurity tsar position. His choice will be that critical. So let’s all hope that he makes the right decision, whatever that may be!

Categories: Uncategorized Tags:
  1. No comments yet.
  1. No trackbacks yet.
You must be logged in to post a comment.