Tuesday, August 04, 2009

White House ‘Cyber Czar’ Resigns; Let’s Not Replace Her


the_white_house1

By Michael Tanj

(http://www.wired.com/dangerroom/2009/08/white-house-cyber-czar-resigns-good-riddance/)

The White House’s acting “cyber czar” just resigned, with no permanent replacement in sight. Which is just fine. We can make more progress on the network security front without such a “czar.”

For starters, we’ve had reasonable facsimiles of cyber czars before — to little effect. The studies have been done, the list of tasks complete, yet we continue to fail year after year.

Second, the cyber czar, like most actual royalty in the world these days, is destined to be more figurehead than Sun King. He (or she) would have no power of service providers or industries that are both the underpinnings of cyber space and the victims of online assaults. Despite grandiose claims to the contrary, the government has very little direct impact on how safe national resources are online.

Finally, even if the czar did have a lot more pull with industry than he actually would; how does she put that juice to good use? Given that the czar and the individual with the power to make things happen in cyber space are not the same person: she doesn’t.

A “czar” position is the exact opposite of what we need to successfully defeat cyber space adversaries. The botnet that denies service to your governmental web sites might have been assembled by a Brazilian, who borrowed code from an Israeli, who launders his money through a Russian. None of them have met in person, and next month they may all switch roles - and throw in some Americans and Chinese to boot - for a totally different attack. A cyber czar is fighting a network with an org chart.

Forget trying to shoe-horn technology stars into government cyber security jobs (a worthy if doomed-from-the-start experiment) or creating more useless bureaucracy with another czar. We need a facilitator - someone with a lot of betweenness and closeness, to use some social networking terms - to make sure that the right people are talking, sharing, and collaborating as they best see fit. Collaboration is key to improving security and collaboration comes from trust, not edicts from the Kremlin. We’re not going to abandon our bureaucracies, so let’s move forward using that age-old mechanism for getting things done in bureaucracies: IKAGWKAG (”I know a guy who knows a guy”). The guy who knows the most guys is the guy you want in this job. Find him, and then sit back and watch what happens when you stop fighting real problems with a Visio diagram.

[Photo: Whitehouse.gov]