federal cybersecurity

Melissa Hathaway joins Harvard’s Kennedy School as senior advisor

Melissa Hathaway will help the Belfer Center for Science and International Affairs contribute to a joint Department of Defense project.

Former acting director for cyberspace Melissa Hathaway, who advised the White House on cybersecurity issues and policies for two administrations before resigning in August, was named senior advisor to shape cybersecurity research at the Harvard Kennedy School.

Hathaway, who led a 60-day review of the country’s cybersecurity policies and structures for the Obama administration, will work with researchers at the Belfer Center for Science and International Affairs. She started Oct. 1.

Harvard is looking to add Hathaway’s contributions to Project Minerva, a joint research project focusing on cybersecurity and international affairs. It is being conducted by officials at the Department of Defense, and researchers at Harvard and MIT. Funding comes from both the DOD and the National Science Foundation. From what is known about the DOD project, research has so far focused on China as a global threat and fundamentalist Islamic issues tied to terrorism. Harvard said “the project explores a wide range of the issues within cybersecurity from the contexts of international relations theory and practice.”

The project is not without controversy as some researchers have objected to allocating funds toward getting independent university researchers focused on military objectives.

Harvard said Hathaway will identify policy gaps in international relations with regards to cybersecurity. Hathaway plans to publish at least two papers and contribute to classes at Harvard Kennedy School and Harvard Law School.

From the Harvard press release:

“There are at least 20 international venues that are determining the future of the information communications infrastructure,” Hathaway said. “Our nation needs to determine what it collectively needs and wants – and find ways to foster public and private shared goals.”

Need a security job? The Feds set a cap on security pros

The Department of Homeland Security marks the start of National Cybersecurity Awareness month with a cap on hiring.

The Department of Homeland Security could hire 1,000 cybersecurity related jobs over the three years, according to an announcement Thursday. DHS Secretary janet Napolitano described the positions pretty broadly: Cyber risk and strategic analysis; cyber incident response; vulnerability detection and assessment; intelligence and investigation; and network and systems engineering. That covers just about everything.

Two points that are interesting in this announcement. Napolitano calls the 1,000 position number a “cap.” Also, she says that DHS does not anticipate the need to fill all 1,000 positions.

From the DHS press release:

Although DHS does not anticipate the need to fill all 1,000 positions, this cap reflects the Obama administration’s commitment to equipping DHS with the critical tools necessary to build a world-class cyber organization and compete for cybersecurity talent.

Meanwhile, the role of Cybersecurity Coordinator remains vacant. But as Napolitano points out in her announcement, October is National Cybersecurity Awareness Month. Perhaps this is an incentive for the Obama Administration to announce who will fill the new role.

This is still some fairly positive news, although there’s a lot of room for improvement at the federal level. A recent study highlighted some issues in the DHS hiring process that has impeded getting cybersecurity talent in the federal government. Conducted by the Partnership for Public Service, supported by Booz Allen Hamilton, the study, “Cyber-insecurity: Strengthening the Federal Cybersecurity Workforce“ was conducted from January through June 2009.

From the study:

Since the activities and responsibilities of government cybersecurity positions are ill-defned, IT managers and human resource professionals say it is hard to describe to potential applicants and candidates what cybersecurity jobs entail, and therefore difcult to fnd the right talent. In addition, job seekers cannot readily identify available jobs or decide if they’re qualifed or interested, because they may not know how to translate “government speak” to fgure out what category or job title to consider.

Here are some of the takeaways:

• The pipeline of potential new talent is inadequate.
• Salary limitations hurt retention.
• There is a disconnect between front-line hiring managers and government’s HR specialists.

Wouldn’t it have been great if the federal government could have addressed some of the issues highlighted in this report? It recommends some steps the government could take to improve the hiring process, attract and retain talented cybersecurity pros and measure the success of a new hiring program.

Reuters: Obama ready to select cyber security czar

Reuters reported Wednesday that Frank Kramer, a former assistant Defense secretary under President Bill Clinton. is the lead candidate, according to an unidentified source.

Citing sources close to the matter, Reuters reported today that President Barak Obama is expected to name a security coordinator “in the next week or two.”

U.S. chief technology officer Aneesh Chopra told reporters at a technology conference on Wednesday that he had interviewed candidates for the position, and that a coordinator would be named in the not too distant future.

Reuters calls the lead candidate, Frank Kramer, a former assistant Defense secretary under President Bill Clinton. If this is the case, Kramer signals the need for an international focus on cybercrime. He has been involved in international affairs since the 1970s and turned his focus on technology as a research fellow at the Center for Technology and National Security Policy, part of the National Defense University – which has focused on national security policy and military plans when it comes to understanding technology and policy.

Obama had announced the creation of a White House senior cybersecurity coordinator position in May. Since then a number of names had surfaced as candidates for the position including former Republican U.S. Congressman Tom Davis. Several top cybersecurity officials also stepped down since then, including Melissa Hathaway, Obama’s top adviser on security who spearheaded the 60-day review helping shape the administration’s position on cybersecurity. Last month, Mischel Kwon, the director of US-CERT, the Department of Homeland Security’s research and response unit also resigned.

While it has taken more than three months to name a person to the position, experts say it’s going to take years to realign and coordinate all the different facets of the position, let alone setting priorities that result in bolstering federal cybersecurity.