In an earlier post, I flagged up the fact that the head of cybersecurity at the Department of Homeland Security (DHS) just happens to be at the same IT security show in London as someone who appeared to have made negative comments about his department's leadership.
I have managed to speak to both parties involved now, and one of them at least claims their relationship is not as antagonistic as it has been reported.
After one of his presentations at the RSA Conference Europe, I managed to catch-up with homeland security expert Paul Kurtz, who was recently quoted as saying that, “There really is no one in charge right now at DHS”.
Kurtz (part of a Center for Strategic and International Studies (CSIS) panel that is undertaking a review of cybersecurity with the aim of creating recommendations for the new US administration) appeared to have a negative view on the role the DHS is taking around cybersecurity strategy judging from this article. Unfortunately, the man charged with running the cybersecurity division of DHS - Robert Jamison - was also attending RSA in London.
When I spoke with Kurtz, he claimed that my earlier post and presumably the CNET story, was misleading and that he and Jamison have worked in the same circles for a long time and that there was no personal animosity between the two of them. In fact, it turns out that they ended up going out for dinner at the event according to Kurtz. “It is not personal at all,” he said.
However Kurtz did admit that he felt there was a leadership issue at the DHS. “There is a legitimate question of who is in charge at the DHS, who is directing the traffic there? But that shouldn’t all be laid at the feet of Robert Jamison, that is unfair.”
For his part, when I spoke to Jamison yesterday, he didn’t disagree when I claimed that Kurtz had been critical of him but just gave me a kind of knowing smirk. One of this spokespeople also made it clear that the CSIS panel had not been very communicative with Jamison or his office in the course of investigations which Jamison’s people found obviously frustrating. Kurtz on the other hand maintains that the panel did meet with Jamison and communication channeles were open - so who is right? Probably both but with different perspectives on “communication”.
But when it comes to his wider views on the performance of Homeland Security and it being the best place to coordinate US cybersecurity policy, Kurtz said that one of the options the committee is considering is pushing the responsibility into the White House. “There is a lot of thinking that given the complexity of the issue, the broad strategic policy and programme coordination should emanate from the White House,” said Kurtz.
That is not to say that the DHS wouldn’t have role in cybersecurity but possible only one on the same level as other departments such as Defence and Justice said Kurtz. The White House’s involvement would allow for a “broader perspective” beyond that one just one department and also encourage the involvement of the private sector, Kurtz added.
The report from the CSIS is due around a week after the election so we will just have to see what the findings are but if the rest of the panel follow Kurtz’s views then DHS under a McCain or Obama leadership could well find itself relegated to being just one contributor to cybersecurity strategy.