Rep. Jim Langevin may have given a little peek into the future of cybersecurity oversight in the White House.
Speaking during a press conference after the first meeting of the House Cyber Caucus, the Rhode Island Democrat let slip that the White House is not considering a separate office in the Executive Office of the President to oversee cybersecurity.
“The review is looking at four areas, including the White House organization, construct and mission,” he says. “It will include interagency cyber action plan, but it will not include a structure in the Executive Office of the President, but there may be an increase in OMB staffing to increase the oversight role.”
Langevin quickly backed off his statement when pressed by reporters.
“We will let Melissa (Hathaway) finish the review,” Langevin says. “It’s too early to say what exactly the structure will look like. As it has evolved right now, this effort will be run from within the National Security Council, but it’s unclear whether it will be in the EOP.”
But one source with knowledge of the review, who requested anonymity because the review is ongoing, says as of now, a White House cyber office is doubtful.
Hathaway briefed the House Cyber Caucus Thursday. Langevin is the co-chairman of the group.
Langevin says the cyber review is 38 days old and a report is expected by the end of April.
“The caucus is a way for the administration to reach out to the House on a bipartisan fashion across different committees,” he says. “My hope is that if and when legislation is necessary we can all work together to get it done. It is important to know each other and allow for collaboration and cooperation.”
Langevin says Hathaway laid out four areas the cyber review is focusing on. Along with White House structure, Langevin says other areas of the review include:
The international and domestic role in cybersecurity, including how the competitive market changes and the expectations of the private sector;
Technology standards and next generation architecture on cybersecurity;
Capacity building in terms of alliances in the U.S. and internationally, and the hiring and training of cyber workers and the general public.
Rep. Yvette Clarke (D-N.Y.), who is the chairwoman of the Homeland Security Subcommittee on Emerging Threats, Cybersecurity and Science and Technology, says Hathaway also is paying close attention to privacy and civil liberties issues.
She says those issues would be part of a public literacy campaign about the need to secure computer networks.
Those issues are also a major concern of the intelligence community. Director of National Intelligence Dennis Blair says the government must secure networks without making citizens wary.
“The trick is to make use of the technical capabilities of the National Security Agency in a way that can protect American networks,” he says. “The key to that is Americans having confidence that they are being used for those beneficial purposes, and are not being used to gather private information on Americans and that whole set of concerns that some of the early reactions to 9-11 excited.”
Blair adds to be successful the government must overcome the legal, organizational and review processes challenges.
Blair, who held a media roundtable Thursday at the Office of the Director of National Intelligence headquarters in McLean, Va., says the White House cyber review is looking at all three of these areas.
But he is not necessarily in favor of having a cyber czar.
“We have to have a powerful team,” Blair says.
We have to have good policy from the White House; we have to have capacity in the departments and most of all, I think we need to have a legal regime which takes account of the way the technology of cyberspace has made our previous neat domestic, international, law enforcement, homeland defense distinctions irrelevant. That is the real challenge.
The White House review is looking at how the environment has changed.
Still, federal networks are most at risk from threats inside the U.S. and from those originating in China and Russia.
Blair says China is “winning the sweepstakes” for the origin of having the most attacks against federal networks from outside the U.S.
“I don’t think the U.S. is at risk of having done to it what right now what was done to Georgia or Latvia,” he says. “We are too big and we’re too complex. We are working on the defenses. But as you look out to the future, unless we work hard on this, we could be very vulnerable. It’s a very high priority for me.”