Hathaway to Head Cybersecurity Post
WASHINGTON — President Barack Obama will tap a top aide to President George W. Bush’s intelligence director to head his cybersecurity effort, according to government officials familiar with the decision. An announcement is expected as early as Monday.
The appointment of Melissa Hathaway, a former consultant at Booz Allen Hamilton, is the president’s first major decision on cybersecurity. She will lead a review of the government’s efforts to secure computer networks against spies, terrorists and economic criminals and is expected to then head a new White House office of cybersecurity.
Ms. Hathaway helped develop a Bush administration cybersecurity initiative, which was expected to cost around $30 billion over five years, with spending this year of about $6 billion. Ms. Hathaway’s new job is to carry out a 60-day review of the initiative and recommend a path forward.
On the campaign trail, Mr. Obama criticized the Bush administration for being too slow to address cyber threats and said he would create a “national cyber adviser” who would report directly to the president. “As president, I’ll make cyber security the top priority that it should be in the 21st century,” he said in a speech in July. He equated cyber threats with those of nuclear and biological weapons in a campaign ad he ran at the time.?
The decision to hold a review, however, suggests that any big moves are being put off for the time being.
After his election, Mr. Obama established a transition team dedicated to tackling cybersecurity. Some experts on the team were members of a national commission that recommended consolidating government cyber efforts into one office that would report directly to the president. It would remove major responsibilities from the Department of Homeland Security.
National Security Adviser James Jones, however, wanted more study of the issue and ordered an independent review, which resulted in the appointment of Ms. Hathaway to the White House post to conduct the review, according to one person familiar with the matter.
Ms. Hathaway will be a senior director at the National Security Council, which puts her at the same level as her predecessor in the Bush administration and a few rungs down from directly reporting to the president. Roger Cressey, a former top security aide in the Clinton White House, said he was disappointed the post isn’t higher-level. “They need a nationally known person to run cyber from the White House,” he said. “Otherwise it’s just old wine in a new bottle.”
A senior intelligence official said the review is part of Mr. Jones’s effort to reorient the National Security Council to address more comprehensively problems such as cybersecurity and climate change that span government agencies. Before joining the Obama administration, Mr. Jones was part of a group called the Project on National Security Reform, which is working with the administration on bridging agency divides on national-security issues ranging from terrorism to pandemic flu.
National Security Council spokesman Ben Chang said he couldn’t comment on personnel decisions that haven’t been announced.
Ms. Hathaway was one of a few trusted aides whom Mr. Bush’s director of national intelligence, Mike McConnell, brought with him from Booz Allen Hamilton. Mr. McConnell left the McLean, Va., consulting firm for the top intelligence post in 2007.
At Booz Allen, Ms. Hathaway specialized in cybersecurity strategies. Mr. McConnell asked her to lead his cybersecurity study effort, which grew into the Comprehensive National Cybersecurity Initiative that President Bush started a year ago.
As I sit now with Big O’ on the tv in his first presidential news conference, I have to hope that this position that Ms. Hathaway is taking has the ear of the president. The infrastructure is FUBAR, our grid is old and vulnerable, and the private sector is a freaking mess cybersec wise.
So, Ms. Hathaway, please use the time well to review where we are at and where we need to go. PLEASE use the talent that is out there in the private sector to help you plan and implement the proper changes that are needed as well as an overall paradigm shift in INFOSEC awareness that we need.
In other words, roll up your sleeves and lets get this shit straight.