Obama Appoints IT Security Czar
Michael Markulec, COO of Lumeta Corporation, writes in CIO Update that the Obama Administration has appointed Melisa Hathaway as Advisor to the President on National Cyber Security. For a more comprehensive review of the appointee and her relationship to the Bush Administration see Siobhan Gorman’s article in the Wall Street Journal, Hathaway to Head Cybersecurity Post. Markulec is all for the newly created position. He points to the disconnect between the federal government and the private sector when it comes to our infrastructure and the necessary control systems in these most important industries. He states the obvious that their connection to the internet leaves us open to a cyber-attack. He also touts Hathaway’s concern that simple hand-held devices can be used to conduct foreign and industrial espionage.
I’m sorry but I just don’t see anything new or any quantum leap towards more effective cyber security from this newly created position. But one only needs to read further and the newness becomes apparent. Markulec predicts, and I agree with him, that new regulations are on the way. He compares the coming new regulations for the IT community and the CIO to the Sarbanes-Oxley legislation aimed at corporate CFO’s. Well, I guess we all know how that went. Do we really need more regulations or do we just need enforcement of the existing laws? If we are using our latest string of financial debacles as our guide, I guess arguments can be made for both sides. Some might say if the Congress didn’t block the creation of regulations for Freddie Mac and Fannie Mae we might not have had the subprime mortgage meltdown. Others might argue if the SEC had only investigated and enforced its own existing regulations the Bernie Madoff Ponzi Scheme would have been discovered much sooner with less devastating financial losses for investors.
I think the Obama Administration may have tipped their hand at what may or may not be coming down the pike as it relates to cyber security, and that I am afraid is more of the same. Gorman reports that James Jones, National Security Advisor, has requested a further study on cyber security. Hathaway is tasked with conducting this 60 day study. And so the end result will be a study that will collect and discuss issues that are apparently known. Will the ends justify the means? Will we have tougher regulations for CIO’s as Markulec predicts, and if we do, will they be enforced and make any difference? That remains to be seen.
