More than six months since the cybersecurity coordinator position was announced (and three months since rumors flew that a candidate had been selected), the Obama administration has yet to announce a selection for the job. Why? In addition to a few minor issues (Afghanistan, the economy, healthcare reform) dominating the agenda, former senior director for cyberspace at the National Security Council Melissa Hathaway suggests it’s because the job description is too exacting. It requires someone experienced in not only national security and cybersecurity, but also economic security. “There are just not that many people who have that kind of resume,” according to Hathaway.
Eric Chabrow, the Government Information Security reporter who interviewed Hathaway, argues that this means it is time to change the job description. “Sometimes things look better on paper, but in reality they just don’t work.” He considers the exacting qualification requirements only half of the problem, though, positing that requiring the position to report to two bosses, the national security adviser and the national economic adviser, is also deterring a number of potential candidates. Since it is doubtful the administration will change the job description (or hierarchy) at this point, it’s a safe bet that the cybersecurity coordinator announcement won’t be coming soon.
Meanwhile, Congress is paying more attention to cybersecurity. On November 17, the Senate Judiciary Subcommittee on Terrorism and Homeland Security hosted a hearing titled “Cybersecurity: Preventing Terrorist Attacks and Protecting Privacy in Cyberspace.” The Senate Select Committee on Intelligence announced earlier this week a new bipartisan task force on cybersecurity, which aims to complete its work by June 2010, and Senators Rockefeller and Snowe have reached out to Homeland Security Secretary Napolitano about their draft cybersecurity legislation. Philip Reitinger, the top cybersecurity official at the Department of Homeland Security, maintains that the agency is moving forward on cybersecurity policy despite the lack of a permanent cybersecurity coordinator. It’s a strong reminder for us all that even when the White House’s attention is diverted, other parts of the government continue, hard at work.