DHS: Former 'whipping boy' of Congress
The Homeland Security Department served as "the whipping boy" of Congress during the Bush administration, which only magnified challenges faced by the young organization, said the former cyber chief of DHS during a roundtable discussion Thursday.
The Homeland Security Department served as "the whipping boy" of Congress during the Bush administration, which only magnified challenges faced by the young organization, said the former cyber chief of DHS during a roundtable discussion Thursday.
DHS holds partial credit for failures to establish a clear strategy for cybersecurity across federal government, said Gregory Garcia, former assistant secretary of cybersecurity and telecommunications at DHS, but "hyper oversight" from a Democratic Congress during a Republican administration also hampered progress.
Frequent calls to testify before House and Senate committees led political appointees to take on the lion's share of responsibilities -- either by obligation or fear of congressional reprimand or both -- leaving qualified civil servants less empowered to do their jobs, said Garcia, who now runs his own information security consulting firm, Garcia Strategies. He added that even he and his superiors at DHS' National Protection and Programs Directorate faced more red tape in accomplishing their missions.
"Don't get out of the way, [but] do your oversight responsibly," Garcia advised.
The situation has marginally improved since a Democratic administration took over, he said, but Congress still has plenty of room for improvement. Specifically, Garcia offered a few suggestions:
First, Congress should gets its own house in order and "walk the walk." In June 2008, the networks of several Congressional offices were hacked by unknown foreign intruders. Some incidents involved offices with an interest in human rights or Tibet.
Second, Congress should let DHS do its job with appropriate levels of oversight.
Third, Congress needs to improve coordination, "just like what you tell DHS to do." Multiple committees claim some responsibility over cybersecurity oversight -- whether their focus be on commerce, justice, or homeland security -- and introduce bills that often conflict with one another. Get on the same page, Garcia said, because this model is not productive.
NEXT STORY: Air Force Needs More PS3s?