Barack Obama has ordered an extensive 60-day review of America’s computer security policies. It will be chaired by a former senior advisor to George W Bush’s intelligence director.
Melissa Hathaway has been asked to develop a system to improve coordination between security efforts across all aspects of government and those in the private sector. Last October Hathaway wrote an editorial column noting the co-ordination issue:
We also need a fundamental rethinking of our government’s traditional relationship with the private sector. A high percentage of our critical information infrastructure is privately owned, and industry needs to know what government knows about our adversaries’ targets and, to the extent we understand them, their methods of operation.
When it comes to cyber security, government and the private sector need to recognize that an individual vulnerability is a common weakness.
The review follows a warning last November by a Congressional commission that China was dominating the US in the battle for military dominance online. It warned that “China’s current cyber operations capability is so advanced, it can engage in forms of cyber warfare so sophisticated that the United States may be unable to counteract or even detect the efforts”
Hathaway’s work on the review may act as a final audition before becoming a so-called ‘cyber czar’, at which point she’d have a White House position reporting directly to Obama. For now she’ll be senior director at the National Security Council, putting her several rungs down the bureaucratic ladder. There’s some debate about what level of power would be needed to bring about effective change in government policy and practice.
Computer security firms will be particularly interested in the outcome of the review, with several Pentagon contractors already working on classified cybersecurity projects. Reuters quotes industry executives as saying there could be contracts worth a total of more than $10 billion up for grabs within four years.