This article was published in Scientific American’s former blog network and reflects the views of the author, not necessarily those of Scientific American
On supporting science journalism
If you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.
White House acting cyber security czar Melissa Hathaway on Monday became the latest to walk away from a position that (ostensibly, at least) promises to play the primary role in protecting the nation's digital infrastructure. Hathaway told The Wall Street Journalshe was leaving the White House after about six months there for "personal reasons," but the paper also made clear that Hathaway (like many of her federal-level cyber security predecessors) was embroiled in a power struggle that she was unlikely to win.
Hathaway, a holdover from the Bush administration, locked horns with President Obama's economic team, the Journal reports, after she said it should consider options for regulating some private-sector entities to ensure they secure their networks. Instead of "spinning her wheels" in the White House, as one Journal source put it, Hathaway decided to "pass the torch."
The torch to which Hathaway refers is the difficult job of implementing the recommendations she and her team developed after President Obama ordered a 60-day review of the nation's cyber security policy. The White House proceeded to spend the 60 days following the report's completion in April "debating the wording of her report and how to structure the White House cyber post," according to the Journal.
Hathaway's brief tenure with the White House didn't exactly manifest the vision President Obama laid out for his cyber security chief in a May 29 address focusing on what needed to be done to protect the country's information technology infrastructure. During that speech, Obama announced he would create a new office in the White House that would be led by a cyber security "coordinator" on whom he would depend in "all matters relating to cybersecurity [sic]." He also said that this official would have "my full support and regular access to me as we confront these challenges."
The U.S. government has gone through cyber security directors much the same way the TV character Murphy Brown went through secretaries. The parade of security experts began with Richard Clarke, whom President George W. Bush appointed special advisor to the president for cyber security (a position outside the White House, unlike Hathaway's) in December 2001. Clarke resigned in January 2003. (This would prove to be one of the longer tenures at this position.) Howard Schmidt, a former Microsoft information security director, took over briefly before leaving in May 2003 to join eBay. Later that same year, the main cyber security position was moved to the Department of Homeland Security. Amit Yoran became director of Homeland Security's National Cyber Security Division but left about a year later, reportedly feeling the Bush administration was giving the issue short shrift.
The National Cyber Security Division took a back seat to the National Cyber Security Center, which President Bush established in January 2008 as an office within Homeland Security headed by a cyber security czar who would report to both the National Security Council and the National Economic Council in the White House. Rod Beckstrom became the center's first czar but resigned in March after less than a year, complaining in his resignation letter [pdf] that the National Security Agency (NSA) "dominates most national intelligence efforts" and noted that the center last year "received only five weeks of funding, due to various roadblocks engineered within the department and by the Office of Management and Budget." Beckstrom, who became chief executive of the Internet Corporation for Assigned Names and Numbers (ICANN) in June, also wrote in his letter his belief that the NSA's domination of most national cyber security efforts was a "bad strategy."
Image ©iStockphoto.com/ Joseph C. Justice Jr.