Symantec VP Named Fed Cybersecurity Chief

Homeland security also to partner with Carnegie Mellon to battle Internet attacks
After going nearly five months without a cybersecurity chief, the Bush administration last week named Symantec Corp. VP Amit Yoran as director of the Homeland Security Department's National Cyber Security Division. A West Point grad and former computer-security entrepreneur, Yoran fills a void left by Richard Clarke, who served as White House special adviser on cybersecurity, a post that no longer exists. Though Clarke worked directly with Homeland Security secretary Tom Ridge, the new post is three steps beneath Ridge. Yoran will report to Frank Libutti, the undersecretary for information analysis and infrastructure protection.

Analyst Peter Lindstrom of Spire Security, a security market-research firm, doesn't hold high expectations for the post. "I don't see the job effecting strong policy change; it's more of connecting all of the dots in the federal government," Lindstrom says. "[Yoran] has responsibility but no authority. He can just elevate the issues and change discussion to where it makes sense."

Symantec Corp. VP Amit Yoran

Yoran has a different place in the hierarchy than his predecessor
Yoran is VP of managed security services at Symantec, where he's responsible for customers' security infrastructures in 40 countries. Yoran had been CEO of Riptech Inc., an information security outsourcing firm he founded, until Symantec bought the company in 2002 for about $145 million. Before Riptech, Yoran was director of the vulnerability-assessment program at the Defense Department's computer-emergency response team and a network-security manager at the Pentagon.

The ranking Senate Democrat on government IT issues, Joseph Lieberman of Connecticut, said in a statement that Yoran is qualified, but he "will be playing a difficult game of catch-up" because the administration hasn't paid adequate attention to cybersecurity.

Yoran's appointment came within hours of an announcement that Homeland Security will partner with Carnegie Mellon University to create the U.S. Computer Emergency Response Team to coordinate efforts to prevent and respond to attacks across the Internet.

Editor's Choice
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Terry White, Associate Chief Analyst, Omdia
Richard Pallardy, Freelance Writer
Cynthia Harvey, Freelance Journalist, InformationWeek
Pam Baker, Contributing Writer