The Public Eye with Eric Chabrow

First CTO Suggest Cybersecurity Role for New CTO

First CTO Suggest Cybersecurity Role for New CTO

The first federal CTO thinks the new federal CTO also could serve as the federal cybersecurity czar.

Norm Lorentz served as the federal chief technology officer in 2002 and 2003, working within the White House Office of Management and Budget. In that job, Lorentz focused on developing the federal IT enterprise architecture, in which information security was a crucial component.

If the Obama administration opts not to create a White House office to oversee cybersecurity - and that's a big if - then the new CTO could assume that portfolio as well, suggests Lorentz, a strategic adviser at the nonpartisan and not-for-profit Partnership for Public Service.

The new CTO post, established last week by President Obama, is a more highly placed job within the White House, focused on overall technology policy than the more hands-on business-technology position Lorentz held more than a half decade ago. For the new job, Obama tapped Virginia Technology Secretary Aneesh Chopra, who will work out of the White House Office of Science and Technology Policy.

As opposed to the day-to-day responsibilities of federal CIO Vivek Kundra in keeping the government's IT systems functioning and secure, Obama is calling on Chopra to identify new technologies to make government more responsive to its citizenry. As OMB communications director Ken Baer explains: "The CTO is a policymaker who will help develop the president's technology programs, such as expanding broadband access, developing electronic healthcare solutions and formulating net neutrality positions."

Yet, Lorentz says, adding cybersecurity to the duties of the newly defined CTO role would not be a stretch. "In an administration that's injecting technology into the policy arena," he says, "the CTO can deal with cybersecurity issues as well."

Lorentz isn't alone in suggesting the CTO be given cybersecurity authority. Legislation proposed by Rep. Gerald Connolly, D.-Va., would charge the federal CTO with assessing IT systems and applications on cybersecurity and personal privacy. "The CTO will ensure the safety of our networks and will lead an interagency effort, working with chief technology and chief information officers of each of the federal agencies, to ensure that they use best-in-class technologies and share best practices," Connolly wrote in a letter to his colleagues.

It's doubtful, though, the new CTO will be given the cybersecurity assignment, given the charter the president gave Chopra when naming him last week as well as the recommendations presented by the Commission on Cybersecurity for the 44th Presidency, which White House advisor Melissa Hathaway seriously considered in the review she conducted for the president on federal cybersecurity policy, says Dan Chenok, an advisor on IT security matters to the Obama administration and chairman of the National Institute of Standards and Technology's Information Security and Privacy Advisory Board. "I wouldn't rule it out," Chenok said, "but that would surprise me."



About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.