News Stay informed about the latest enterprise technology news and product updates.

White House cybersecurity advisor calls for public-private cooperation

Melissa Hathaway delivered precious few details about her 60-day review of the country's cybersecurity policies and structures during her RSA Conference keynote.

SAN FRANCISCO -- Having made no public comments during the past two months, Melissa Hathaway took center stage Wednesday at the 2009 RSA Conference to deliver a high-level summary of her team's 60-day review of the country's cybersecurity policies and structures.

Hathaway, acting senior director for cyberspace for the National Security and Homeland Security Councils, is thought to be a candidate for the national cyber advisor, a White House-level position that would oversee U.S. cybersecurity and institute the mechanisms for information security cooperation domestically and internationally.
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.
While short on details, Hathaway's 30-minute speech stressed the need for collaboration between the public and private sectors in securing cyberspace, and in turn the economy, civil infrastructure, public safety and national security.

"The White House must lead the way forward with leadership that draws upon the strength, advice and ideas of the entire nation," Hathaway said.

She stressed that the United States must ground itself as a leader in addressing vulnerabilities in cyberspace, and that no one government agency has a broad enough perspective to lead this effort. Hathaway's statements seemed to quash concerns that responsibility for cybersecurity would be handed over to the National Security Agency, reaffirming earlier statements made by director Lt. General Keith Alexander. The NSA chief told RSA Conference attendees a day earlier that the NSA had no interest in running cybersecurity for the country.

Hathaway added that the government must be vigilant in securing critical infrastructure, such as water, communications and the electrical grid. This also includes cooperation with the private sector, which designs, builds, owns and operates most of the infrastructure in use.

RSA Conference 2009

For all the latest news, podcasts and more direct from the show floor in San Francisco, visit our RSA Conference 2009 special news coverage page.

"The public and private sector's interests are intertwined with a shared responsibility for ensuring a secure, reliable infrastructure upon which businesses and government services depend," Hathaway said. "Information is key to preventing, detecting, responding to and recovering from cyber incidents. Again, this requires evolving our partnerships together.

"Government and industry leaders, both here and abroad, need to delineate roles and responsibilities, balance capabilities, and take ownership of the problem to develop holistic solutions."

Hathaway's report on the state of U.S. cybersecurity was delivered to President Barack Obama on Friday; she said the results should be made public in the coming days. Hathaway said the review touches on every facet of government networks, including the missions of computer network defense, law enforcement investigations, military and intelligence activities, and how those intersect with information assurance, counterintelligence, counterterrorism, telecommunications policies and general critical infrastructure protection.

Hathaway's team of government cybersecurity experts identified more than 250 needs, tasks and recommendations, she said. She also requested that government agencies identify new or existing requirements they may have. She added that her team connected with the security industry, academia, civil liberties and privacy entities, state governments and executive branches of government.

"Our outreach involved unprecedented transparency and engagement for a National Security Council initiative and having come from the private sector myself," Hathaway said, "I recognized it was vital to the review's overall success.".

During the Bush administration, Hathaway served as senior advisor to the Director of National Intelligence, John Michael McConnell, chaired several cybersecurity-related groups and helped develop the Comprehensive National Cybersecurity Initiative (CNCI). The CNCI plan is a $40 billion classified plan that has 12 components, including the Trusted Internet Connections (TIC) program. TIC's goal is to trim the number of connections from federal computer systems to outside networks from more than 4,000 to fewer than 100. The Einstein system, a network-monitoring tool used by DHS to monitor and analyze traffic moving through federal networks, is a key component of TIC.

Dig Deeper on Information security laws, investigations and ethics

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.