Acting cybersecurity czar resigns

The White House’s acting cybersecurity czar announced her resignation Monday, in a setback to the Obama administration’s efforts better to protect U.S. computer networks critical to national security and the global economy.

Wall Street Journal’s Siobhan Gorman writes that The resignation highlights the difficulty the White House has had following through on its cybersecurity effort. President Barack Obama first outlined his cybersecurity plans in a high-profile speech 29 May, announcing his intention to create a top White House cybersecurity post — a position he has yet to fill.

Melissa Hathaway, who completed the Obama administration’s cybersecurity review in April, said in an interview that she was leaving for personal reasons. “It’s time to pass the torch,” she said, adding that she and her colleagues have provided an “initial down payment for what’s needed to start to address cybersecurity.”

In the past year, intelligence officials have grown increasingly concerned about Chinese and Russian cyberspies surveilling U.S. infrastructure and military networks.

Gorman writes that people familiar with the matter said Hathaway has been “spinning her wheels” in the White House, where the president’s economic advisers sought to marginalize her politically. Cybersecurity is “a major priority for the president,” White House spokesman Nicholas Shapiro said, adding that the administration is “pursuing a new comprehensive approach to securing America’s digital infrastructure.” In the search to fill the top cyber post, “the president is personally committed to finding the right person for this job, and a rigorous selection process is well under way,” he said.

Hathaway had initially been considered a leading contender to fill the cyber post permanently. She lost favor with the president’s economic team after she said it should consider options for regulating some private-sector entities to ensure they secure their networks, said cybersecurity specialists familiar with the discussions. Being a holdover from the Bush administration did not help either, they said.

In February, the White House tapped Hathaway, a senior intelligence official who had launched President George W. Bush’s cybersecurity initiative, to lead a 60-day cybersecurity policy review. Hathaway completed her review in April, but the White House spent another 60 days debating the wording of her report and how to structure the White House cyber post. National Economic Adviser Larry Summers argued forcefully that his team should have a say in the work of the new cyber official.

The result was a cybersecurity official who would report both to the National Security Council and the National Economic Council (see 6 June 2009 HSNW). Supporters said that arrangement would cement cybersecurity as a critical security and economic issue; detractors said it would require the new official to please too many masters and would accomplish little.

Cybersecurity experts inside and outside the government praised Obama’s 29 May speech, but since then, several people have turned down offers for the job. “It’s almost like the system has become paralyzed,” said Tom Kellermann, a former World Bank cybersecurity official who served on a commission whose work influenced the White House’s cyber planning.

In recent weeks, new front-runners have emerged, including a former Clinton assistant defense secretary, Franklin Kramer, and Howard Schmidt, a former top security officer at eBay Inc. who has served on several presidential cybersecurity panels.