Who's Really in Charge of Federal Cybersecurity And Is It Time For A White House CISO?

In the wake of devastating breaches of sensitive government data, is it time for the White House to appoint a high-level official whose sole responsibility is hunting down cyber intruders in federal agency networks? That’s what Richard Bejtlich, chief security strategist for FireEye, told members of the House Armed Services Committee during a hearing on Sept 30.

For more than a decade, the federal government has had a federal chief information officer, and President Barack Obama fulfilled a campaign by appointing the first US chief technology officer in 2009. But high-profile cyber incidents at the Office of Personnel Management, the Postal Service, the State Department and even the unclassified networks at the White House haven’t led to a grand rethink of the government’s cyber org chart. “This is similar to the situation of many private sector businesses before a breach, but after a breach they quickly change,” Bejtlich said. “Thus far, the government has not changed. We still don't have a US [Chief Information Security Officer].”