Saturday, May 30, 2009

Evolution of the Cyber "Czar" in Four Easy Steps

Remember the original proposal for a cyber "czar" who would bring coherence to all network security activities across the government? The lines of authority would be crisp and clear. The cyber czar would report directly to the President as a sign of his or her authority. He or she could just walk into the Oval Office all alone and tell it like it is.

Need an organization chart? Piece of cake:Well, on second hand, that may not quite work. Cyber security is a matter of national security, and the departments need to weigh in on cyber issues through existing channels.

But, really, that's no problem. We'll put the cyber czar into the National Security Council. There will still be one voice and one chain of command for all cyber security issues. It will just go up through the National Security Adviser. And, of course, the National Security Adviser will escort the czar into the Oval Office.

Guess we'll have to change the title, though:

Wait! We reckoned without Larry Summers and the National Economic Council. We don't want national security types running amok and wrecking the most innovative sector of the economy with incautious regulation in the name of security.

Anything the cyber czar does really needs to be subject to the full discipline of an economic review. Make the position part of the NEC process too. The czar can report up through both the National Security Adviser and the National Economic Adviser. Once the czar has found a position that both advisers can agree on, well, they'll both go into the Oval Office with him, just to keep him honest.

Okay, with two bosses, perhaps another description of the position is in order:

Hold the presses! NEC isn't the only White House office that wants to assert its prerogatives. What about OMB, which traditionally sets budget standards and measures departmental compliance with White House priorities? What about the CIO and CTO positions that the President just filled with such fanfare? They aren't chopped liver. Cyber security is all about information and technology. Oh, and the Office of Science and Technology Policy -- what is cyber security policy if it isn't science and technology policy?

Better give them a veto over what the cyber czar says to the President, too. We'll have to move the meetings out of the Oval Office, of course, but there's bound to be an auditorium nearby.

With these changes, we'll need a new org chart and a new title, but surely there's a czar who could serve as a role model for the position. ... Um ... hang on ... it'll come to us ...

Yes! We've got it:

No comments: