Technically, Amit Yoran was the director of the Department of Homeland Security's National Cyber Security Division. In reality, he was the nation's third cybersecurity czar, following in the footsteps of Richard Clarke and Howard Schmidt. Despite his youth, he brought an impressive resume to Washington: A West Point graduate who did cybersecurity work for the Pentagon, he founded the managed security services company Riptech and led the managed services division for Symantec.
At DHS, he had a tough job: Merging various federal security agencies under one roof to secure the nation's critical infrastructure and leading the defense of the federal government's IT assets. Yoran, 33, abruptly quit his post last month, succeeded by interim director Andy Purdy.
Our sister publication, Information Security magazine, caught up with Yoran to talk about his year at DHS, what the federal government is doing about cybersecurity and his future plans.
ISM: Why did you leave your position?
YORAN: My job was building a cybersecurity organization at DHS. Before I started, I talked with Secretary Tom Ridge and other DHS folks about doing it in about a year's time. We've launched US-CERT, built the DHS cybersecurity operations and have a number of initiatives underway. I think things are off on the right foot and it's a good time to move on.
ISM: Some say you were frustrated and pointed to a one-day resignation notice as a sign of that. Why did you leave so suddenly?
YORAN: I haven't said I am or was frustrated. Sometimes, if other people were feeling that, it may be easier for them to attribute to me, but I have not characterized that as my feelings.
ISM: Does DHS take cybersecurity seriously?
YORAN: DHS has taken cybersecurity seriously. I think the national strategy is fundamentally correct.
ISM: What were the highlights of your tenure?
YORAN: Broadening public-private sector interaction and building some capability to go out and recruit some very talented people for DHS. For the first time ever, we've mapped out what the federal government IP space looks like. That's the first step to helping to protect the government's systems and networks. They're now mining very large data sources to detect and respond to malicious activities against the government. They're also providing some fundamental vulnerability assessment and analysis of what the government's space looks like. While each one of these things is a somewhat tactical step forward, they're vitally important for the government to add value to its constituents--the departments and agencies.
ISM: What still needs to be done to improve cybersecurity?
YORAN: We need to reform government practices beyond the paper drills and paper-intensive processes. I've seen instances where the number of folks providing oversight for security managers on paper outnumbers the people with fingers on the keyboard. That kind of mind-set needs to change. On a broader public-private partnership, many folks in the private sector don't fundamentally understand how the government can help their cybersecurity. If the government wants to be a full partner with the private sector on cybersecurity, a very clear value proposition needs to be defined.
ISM: Would it be helpful to have whoever succeeds you have direct access to the White House?
YORAN: As the state of cybersecurity and the use of technology evolves in the country, strategy and policy discussions will continue to unfold, and that's the sort of dialogue that will include the White House. For the operations and execution of cybersecurity matters, I fundamentally believe cybersecurity belongs at DHS.
Note: This article originally appeared in the November issue of Information Security magazine.