Security experts say the lack of a cybersecurity focus could harm efforts to secure cyberspace.
White House cybersecurity adviser Howard Schmidt reportedly will step down from his post at the end of the month. The move comes two months after Richard Clarke resigned from the same position shortly after the release of the Bush administration's strategy to secure cyberspace.
Security experts now worry there will be no single administration official who will focus on getting the private and public sectors working together to secure the nation's digital infrastructure. The top cybersecurity official in the administration after Schmidt's anticipated departure would be Robert Liscouski. His duties include securing both physical and digital infrastructures. One tech group wants Washington to have a stronger cybersecurity point person.
The Information Technology Association of America says cybersecurity is distinctly different from physical security and is urging the Bush administration to quickly replace Schmidt.
"The cybersecurity issue is losing visibility inside the White House," says association president Harris Miller. "In this case, the bully pulpit opportunity to influence the development of a truly secure cyberinfrastructure and associated best practices will be lost," he says.
"It's a revolving door at the top," says Pete Lindstrom, research director at Spire Security. "Is that indicative of the lack of authority of the position? They tried to create a position that held responsibility, but not necessarily any authority."
Lindstrom says that this is the same challenge in which many chief information security officers find themselves. "Outside of financial services, most CISOs don't have authority to secure specific platforms," he says. "They have responsibility for the security, but no authority to put in operational control measures."
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.
InformationWeek Tech Digest, Nov. 10, 2014Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?