The Department of Homeland Security Cybersecurity Enhancement Act, approved by the House Subcommittee on Economic Security, Infrastructure Protection and Cybersecurity, would create the position of assistant secretary for cybersecurity at DHS. The bill, sponsored by Representatives Mac Thornberry, a Texas Republican, and Zoe Lofgren, a California Democrat, would also make the assistant secretary responsible for establishing a national cybersecurity threat reduction program and a national cybersecurity training program….
The top cybersecurity official at DHS has been the director of the agency’s National Cyber Security Division, a lower-level position, and technology trade groups for several months have been calling for a higher-level position that could make cybersecurity a higher priority at DHS.
Sadly, this isn’t going to amount to anything. Yes, it’s good to have a higher-level official in charge of cybersecurity. But responsibility without authority doesn’t work. A bigger bully pulpit isn’t going to help without a coherent plan behind it, and we have none.
The absolute best thing the DHS could do for cybersecurity would be to coordinate the U.S. government’s enormous purchasing power and demand more secure hardware and software.
Here’s the text of the act, if anyone cares.