Bob Gourley posted a blog entry on CTO Perspective with his thoughts on the new bipartisan cybersecurity bill.
“Creating a National Center for Cybersecurity and Communications (NCCC) in DHS with a leader also confirmed by the Senate sends a similar message (that cyber is being taken seriously), but it also empowers an individual and group to do something that no one has been authorized to do before (at least no one under the rank of President). This office will have authority to lead across government. As a CTO with enterprise experience I respect this kind of position. I am convinced you cannot defend large enterprises without the smart application of both central authority and decentralized action. If you try with either of those missing you fail.”
Gourley noted his concern that the position being abused, putting emphasis on making the right selection for the position.
“I am not worried about too much technical authority being drawn into one location, there are too many forces at play to keep that power from being abused and, if the person and staff are picked carefully, they will avoid making decisions that impact missions in a negative way. Notice I have caveated my opinion here. The nation must choose wisely and put a very smart technology leader in this position. Someone who can enforce the right standards and give direction when required but can back off and let agency IT leaders run things when required and that person must be smart enough to know when and how to decide what to decide about.”
Click here to read the entire post.
