First assistant secretary for cybersecurity steps down
Connecting state and local government leaders
Commentary: Greg Garcia's two-year tenure at DHS marked an increased emphasis on improving security.
With a new president, new Congress and a new homeland security secretary due in town next month, it seemed to Greg Garcia like a good time to take leave of his post as the first DHS assistant secretary for cybersecurity and communications.
Garcia stepped down Dec. 5 to return to his career in the private sector, promising to stay focused on the mission of raising awareness and improving the security of the nation’s digital infrastructure. He was appointed to the position in September 2006, when there was a general concern within the IT security community about the administration’s lack of leadership in this critical area. Although much work remains to be done — and probably always will — the past two years have seen an increased emphasis on confronting the vulnerabilities in and threats to our critical infrastructure.
It is hard to say whether Garcia’s appointment was a cause of this emphasis or a result of it, but cybersecurity now has a higher priority within government and is becoming more integral to agencies’ IT programs. Garcia said recently that despite continuing risks and high-profile breaches, government information systems are better protected today than when he assumed his post.
“They are more secure, and they are going to get more secure,” he said. “There is always more to do.”
In taking his leave from DHS, Garcia cited a number of areas of progress. President George W. Bush has mandated a comprehensive cybersecurity initiative focused on hardening government networks to provide a front line of defense, improving cyber intelligence through information gathering and sharing, and research and development of next-generation security tools. DHS has been given the lead role in protecting government systems under the initiative. The Office of Emergency Communications has been established to help develop national, state and local emergency communications programs for first responders.
“And we continue to integrate our overall cyber and communications security strategy to align with the evolving architecture and risk profile of our national information infrastructure,” he said.
President-elect Barack Obama intends to move cybersecurity up a rung in his administration by creating a federal CTO and putting a high-level adviser back into the White House, and this is a good idea. Cybersecurity is not just a governmentwide issue. It is a global issue that cuts across national and public/private sectors. The White House is the proper place for establishing agendas and priorities on international issues.
This is not to say that DHS will not have an important role in implementing these initiatives, and the challenges facing the next secretary and assistant secretary will be significant in this area. Gov. Janet Napolitano, Obama’s choice for DHS secretary, will take over a department that is not long out of its infancy as far as Cabinet-level departments go. It is toddling, and toddlers tend to fall a lot and need quite a bit of direction. But toddlers also can mature and develop their skills surprisingly quickly if the proper direction is provided. The next secretary and assistant secretary will have to ensure that the progress now under way continues.
Cybersecurity by its nature probably will remain in large part a game of catch-up surrounded by an atmosphere of crisis as the government responds to continuing innovations in technologies and in attacks. Garcia deserves credit for keeping his wits about him in this crisis atmosphere and working to improve things. Let’s hope that his successor does as well.
NEXT STORY: IT security outlook: Ominous