Security News > 2001 > January > Clinton makes last-minute cybersecurity appointments

Clinton makes last-minute cybersecurity appointments
2001-01-24 08:14

http://www.computerworld.com/cwi/story/0,1199,NAV47_STO56725,00.html By DAN VERTON January 22, 2001 In what is being described as an eleventh-hour move designed to deliver one last political dig at President George W. Bush, former President Bill Clinton on Friday appointed 21 people to advise his successor on how best to protect the nation's critical information infrastructure from attack. Some experts view the last-minute appointments to the National Infrastructure Assurance Council (NIAC), including some former Clinton aides and Democratic Party financial backers, as a move that unnecessarily politicizes a vital government effort to encourage private-sector cooperation on critical infrastructure protection and cybersecurity. "There is no question that establishing a NIAC is important," said John Tritak, director of the Critical Infrastructure Assurance Office, an agency under the Commerce Department. "The question is whether it was appropriate [for Clinton] to appoint advisers for his successor," said Tritak. "It has nothing to do with the quality of the people on the list. But it's like picking the other guy's team and it unnecessarily raises the question of politicization. I personally think it was a mistake." Clinton established the NIAC by executive order in 1999. The council's purpose is to advise the president on cybersecurity and to enhance the partnership between the public and private sectors to address threats to the nation's critical infrastructure. Part of that responsibility includes monitoring the development of private sector Information Sharing and Analysis Centers, such as the IT-ISAC established last week by 19 technology vendors (see story), as well as making recommendations to the National Security Council on how to improve cooperation between federal agencies and private companies. The national security community has been working to set up the NIAC for more than a year. However, it is unclear whether Clinton ran out of time to evaluate the membership of the council or if it was a calculated political move. Sources say some of the members, including some Clinton supporters, were "shocked" by the appointments and are fearful of being linked to any politicization of an issue they feel should remain above politics. Some of Clinton's appointments to the NIAC include Wellington E. Webb, the Democratic mayor of Denver, Lawrence P. LaRocco, a lobbyist and former Democratic congressman from Idaho, and Jack Quinn, the co-chairman of Chevy Chase, Md.-based consulting firm Quinn Gillespie & Associates LLC, who once served as counsel to Clinton and chief of staff to former vice president Al Gore. Alan Paller, director of the SANS Institute in Bethesda, Md., and one of the newly appointed NIAC members, said he is unaware of any negative fallout to the overall critical infrastructure protection effort as a result of the late appointments. However, Paller said he agrees with an effort underway by Richard Clarke, national coordinator for security, infrastructure protection and counterterrorism, to create a leaner, more focused government effort by reducing the number of advisory boards and groups that deal with critical infrastructure protection. "The loose network of committees and councils have not yet had a positive impact and I have not heard any arguments that would lead me to believe the impact will improve," said Paller. "This is not to cast aspersions on the folks who planned or staff the committees. Rather, it is a basic mismatch that occurs when you ask well-meaning nontechnical people to guide the actions needed to solve a thorny technical problem," he said. In a recent interview, Jeffrey Hunker, the former senior director for Critical Infrastructure Protection at the National Security Council under Clinton, said the backbone of the critical infrastructure protection effort was created "explicitly recognizing that this was a new type of challenge and that a czarlike structure would not work." "There are too many interests and powerful interests" involved for a czarlike structure to work," said Hunker. "Still, you need somebody to manage the effort and crack the whip," he said. "In the real world, these kinds of advisory councils usually have negligible impact," said Steven Aftergood, an analyst at the Federation of American Scientists in Washington. "The Bush administration may be inclined to let the new council meet while the members' two-year terms run out," he said. "That won't prevent the administration from developing its own policies." Although the Bush administration will likely conduct a review of the entire national cybersecurity structure and is in no way bound by the Clinton appointments, the NIAC may, in the end, be the one overarching policy body to survive, said Tritak. "A NIAC is a fundamental pillar of a national critical infrastructure assurance policy," said Tritak. "The NIAC is one of those things that is going to be looked at on its merits and will be judged independent of what the new administration decides to do to the other pieces of the puzzle." ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".


News URL

http://www.computerworld.com/cwi/story/0,1199,NAV47_STO56725,00.html