When Rod Beckstrom recently stepped down as head of the National Cyber Security Center, an already heated debate reached fever pitch: Which agency should take the lead in cybersecurity? Or should any agency take the lead at all? In his resignation letter, Beckstrom argued that the NSA “currently dominates most national cybersecurity efforts,” meanwhile “the threats to our democratic processes are significant if all top level network security and monitoring is handled by any one organization.” On the heels of Beckstrom’s resignation, how should the federal government address the ongoing challenge of cybersecurity? Rob Housman, acting executive director and chairman of the board of The Cyber Security Institute, offers his perspective to ExecutiveBiz.
What“™s your take on Rod Beckstrom“™s resignation the other week?
Rob Housman: I“™m not blaming Beckstrom “” so let“™s start there. I think Beckstrom is a dedicated civil servant who tried his very best under difficult circumstances. He was operating in a world where he himself said he didn“™t have a budget and couldn“™t really get a lot done.
How would you describe the government“™s current approach to cybersecurity?
Rob Housman: Hack and patch. Somebody hacks, if we“™re lucky we find it, we patch. That“™s not a good way to approach cybersecurity. Something different needs to happen to shake up the system.
You“™ve argued NSA should “shake up the system,“ not DHS. Why?
Rob Housman: In a perfect world DHS could do it as well. However, in the real world DHS has become locked in a particular mindset. A transfer of power would compel people to understand that what was being done was not acceptable.