eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
With the uncertainty of the election past and normalcy returning to Washington, officials at the Department of Homeland Security are focused on finding a permanent head for the National Cyber Security Division within the next 60 days, insiders say.
The top federal cyber-security job has been vacant since Amit Yoran resigned the post in September. Andy Purdy, one of Yorans deputies, has been the interim director of the NCSD since and had been considered a candidate for the job. Sources with knowledge of the situation, however, now say Purdy is unlikely to get the nod as the divisions director, for a variety of reasons.
“Its generally understood that they need a security person who has been in government and has a good relationship with the admini- stration,” said one Washington source with direct knowledge of the situation. “They want a guy who has credibility with the security community but also knows how to work Washington.”
Sources close to the DHS process could not name the top candidate but said the department has a specific person in mind and is hoping to have the position filled within a month or two, pending final administration approval. DHS officials did not return phone calls for this story.
Purdy, a lawyer by training, has been in government service for 15 years. He was involved in setting up the NCSD and also served as a deputy to the vice chairman of the Presidents Critical Infrastructure Protection Board, NCSDs precursor. Purdy is well-respected in Washington circles and has a wide range of contacts. But he lacks the security experience considered key for anyone who heads the NCSD.
Much has been made in recent months about the possibility of the job of NCSD director being elevated to the level of assistant secretary of the DHS to give cyber-security more weight in the department and in the government at large. Although there is little support inside the DHS for elevating the job, the climate on Capitol Hill is a different story. Sources say members of Congress from both parties are considering forcing the DHS to raise the profile of the new NCSD head if department officials fail to do so on their own. With speculation that many top DHS officials, including Secretary Tom Ridge, are leaving, Congress has a prime chance to impose its will on the department.
Under Yoran, the NCSD worked to establish a tight working relationship with the private sector, especially in the areas of information sharing on vulnerability and attack data and incident response. The most prominent example of this effort is the creation of the US-CERT, a public/private partnership that works with enterprises and government agencies to alert the public to new vulnerabilities and defend against new attacks.
“Its demanding, and theres no shortage of causes for frustration,” Yoran said. “But its a noble job, and there are also a lot of chances to make a difference. There are always people who are willing to serve. Its a matter of finding a suitable candidate to take up the fight.”
But there is still some friction between private-sector security specialists and the government over the amount of information that is shared and what is done with it. Managing and improving that relationship will be one of the key functions of the NCSD director.
“The cooperation with the private sector needs to continue to grow. I think Amit did a nice job, and theres room for it to continue to improve,” said Alan Paller, director of research at The SANS Institute, in Bethesda, Md. “Theyve done some good things, but well see what happens when they get someone permanent.”