[Infowarrior] - Hathaway at RSA: Obama Admin's Missed Opportunity

Richard Forno rforno at infowarrior.org
Fri Apr 24 20:47:49 UTC 2009 

  April 24, 2009 3:11 PM

Hathaway at RSA: Obama Admin's Missed Opportunity

http://securitywatch.eweek.com/exploits_and_attacks/hathaway_at_rsa_obama_admins_missed_opportunity.html

Based on what we've seen from our new President thus far, one of the  
Obama Administration's top priorities is, and will be, taking  
advantage of ready opportunities to foster stronger relationships with  
important constituencies that can help the United States advance its  
interests across many different domains.

No matter what side of the aisle you may, or may not, align with in  
regards to U.S. politics, it probably would have been shocking for you  
to read that any U.S. President was in Latin America shaking hands  
with Venezuelan President Hugo Chavez last week, who had famously  
characterized President George W. Bush as a living incarnation of the  
devil before his colleagues at the United Nations in late 2006.

However, that's exactly what we saw happen. And whether you agree with  
President Obama's decision to make an effort at repairing U.S.  
relations with some of its more outspoken neighbors in such a public,  
forgiving fashion, it would seem that his team's overarching mandate  
is to get out and be as proactive as possible in cultivating stronger  
ties with those people it views as centrally important to advancing  
its political cause.

The timing and nature of Obama's physical outreach to Chavez might  
have struck many Americans as controversial, but, it was an important  
if only symbolic act in forwarding the process of making geopolitical  
change as swiftly as possible, our Commander In Chief said in  
defending his actions.

The 44th Admin's obvious predisposition toward such an open philosophy  
of communication is precisely why so many members of the IT security  
industry gathered for this week's RSA Conference 2009 were roundly  
disappointed by the lack of substantive results offered in acting  
Cyber Czar Melissa Hathaway's keynote address at the annual industry  
confab in San Francisco.

The truth of the matter, by all estimates, would seem to be that the  
Obama Admin had yet to find sufficient time to analyze Hathaway and  
her team's work in performing their recently completed 60 day review  
of the nation's cyber-security standing to allow her to reveal those  
results to the industry.

But, in doing so, it would seem that the Administration fundamentally  
failed to realize what a unique opportunity it had created to use RSA  
as a launching pad for turning its cyber-security plans into a  
national and industry-wide cause by sending Hathaway out to deliver  
her speech.

The way that the event went down was so surprising specifically  
because improving U.S. cyber-security posture was a platform plank of  
the 2008 Obama Presidential election campaign, and since one of the  
most impressive elements of Obama's approach to the issue so far was  
his choice of Hathaway, a former Bush intelligence advisor, as acting  
Cyber Czar in a move to lend continuity to our national efforts in  
this arena, and keep the best people on the job no matter whom they  
supported.

RSA is THE seminal annual industry meeting of the IT security market,  
and there won't be a chance for the President and his appointees to  
gain the spotlight, and the concentrated attention of the market again  
for another twelve months. You could also argue that this year's show  
had a far greater emphasis on government policy work, based on the  
reality of the cybercrime landscape, and the many related  
presentations offered at this year's show, than any one of its kind  
before.

As a colleague of mine said when I saw her outside the Moscone shortly  
after Hathaway's speech on Wednesday - which basically just outlined  
the process and goals of the 60 day review, versus sharing its  
findings - she was profoundly surprised and disappointed both as an  
American and a member of the IT security community that the 44th Admin  
hadn't had the foresight to realize the opportunity that it had just  
missed.

So many of us in the community had lined up to go into that room for  
the keynote ready to be challenged and inspired to be part of  
something special, a historic chance to affect change in improving  
national cyber-security policy at a time when we are being overwhelmed  
by electronic attacks from outsiders, including those backed by both  
organized overseas criminals and foreign states themselves.

But most of us walked out of the room a scant 30 minutes later shaking  
our heads at the lack of direction we'd been given, openly  
disappointed by the Administration's inability to realize the moment,  
and feeling sort of sorry for Hathaway for having been put up on stage  
with nothing to tell us that we didn't already know.

If the Obama Administration is truly serious about its good faith  
desire to enact significant change in the realm of cyber-security in  
the four short years of its only guaranteed term, they are going to  
need to work hard to make the most of any and all opportunities with  
which they are presented.

Perhaps even more so, now, since they just allowed a really big one to  
pass them by.

####

Matt Hines has been following the IT industry for over a decade as a  
reporter and blogger, and has been specifically focused on the  
security space since 2003, including a previous stint writing for  
eWeek and contributing to the Security Watch blog. Hines is currently  
employed as marketing communications manager at Core Security  
Technologies, a Boston-based maker of security testing software. The  
views expressed herein do not necessarily represent the views of Core  
Security, and neither the company, nor its products and services will  
be actively discussed in the blog. Please send news, research or tips  
to SecurityWatchBlog at gmail.com.

More information about the Infowarrior mailing list