White House cyber czar and other security non-events of '09

Cybersecurity was low on the US government's agenda in 2009

A new administration in Washington this year was expected to herald sweeping changes on the national cybersecurity front.

Expectations were high that the Obama administration would elevate cybersecurity as a national security issue at a time when government agencies and critical infrastructure targets are under growing threats from a range of adversaries.

However, as the year draws to a close, those expectations have become somewhat tempered with the realization that change on the cybersecurity front may be a little slower in coming, especially considering all the other priorities confronting Congress.

Here are three cybersecurity stories that promised much, but delivered little.

White House cyber czar: Waiting for Godot?

There was considerable enthusiasm when President Obama announced his plans to appoint a White House coordinator to oversee the implementation of a national cybersecurity strategy.

Many security analysts, and even the President's own former cybersecurity adviser, Melissa Hathaway, had said that such a role was vital to getting federal civilian agencies to work together on a common cybersecurity agenda.

That was in May. Today, with less than two weeks left in 2009, seven months after the announcement, there appears little chance that the Obama administration will name someone to the post. Even if it does, chances are high that the appointee will wield little clout in influencing real change on information security issues.

In the months since Obama announced the position, much of the prestige that was once associated with the role has eroded. A lot of that has stemmed from the way the job has been positioned within the executive offices of the President.

Instead of reporting directly to the President as many had hoped, the cybersecurity coordinator will report both to the national security adviser and the senior White House economic adviser &$8212; a situation that makes the role more symbolic than anything else, analysts say.

The manner in which the role has been defined has left the White House with few takers for the job, with numerous high-profile individuals reportedly declining offers, including Microsoft's Scott Charney, Virginia Sen. Tom Davis, and RSA's Art Coviello.

Health care breach notification bill: Neutered at birth

Concerns stemming from health care fraud pushed Congress to introduce legislation this year requiring all health care entities to publicly disclose data breaches involving patient health information.

The bill was part of the $20 billion Health Information Technology for Economic and Clinical Health Act, passed as part of the stimulus package earlier this year and widely welcomed by many as a long overdue measure.

However, the U.S. Department of Health and Human Services, which is the agency responsible for developing the rules, introduced a last minute"harm threshold" requirement that privacy advocates say completely guts the intent of the bill.

The change was made just days before the bill went into effect and requires health care entities to publicly disclose breaches, but only if they think the breach will cause financial or reputational harm to those whose data was compromised.

Outraged privacy advocates have been trying to get the harm requirement removed. They insist that all it does is give health care entities a perfect excuse not to disclose any breaches involving patient data.

A federal data breach law: So close and yet so far

Earlier this month, the U.S. House of Representatives passed H.R. 2221, the Data Accountability and Trust Act (DATA). The bill, among other things, creates a federal standard for businesses to notify customers and the Federal Trade Commission (FTC) of security breaches involving sensitive data.

But with theSenate version of the bill (Personal Data Privacy and Security Act of 2009 — S.1490) still only waiting to be considered by the full Senate, yet another year is set to close with no federal data breach law.

Many have argued that a single federal data breach law would be far easier for companies to comply with than the patchwork of laws from more than 40 states that they have to deal with currently.

Legislators have been trying to get a national breach law passed for several years now and 2009 looked like the year it would finally happen. But it was not to be.

Join the PC World newsletter!

Error: Please check your email address.

Tags cyber security

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jaikumar Vijayan

Computerworld (US)
Show Comments

Essentials

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?