recommended reading

For White House Cyber Czar, Being Called a 'Total n00b' Just Comes with the Territory

White House Cybersecurity Czar Michael Daniel

White House Cybersecurity Czar Michael Daniel // Ann Heisenfelt/AP

Michael Daniel, the White House’s cybersecurity coordinator, courted controversy last month when he gave an interview on his role setting cyber policy for the Obama administration.

But it wasn’t his thoughts on how the government can better protect its IT systems from intrusions or how the feds should respond to cyberattacks that caused a fuss.

It was his résumé.

In an Aug. 21 interview with GovInfoSecurity, Daniel -- a 17-year veteran of the Office of Management and Budget who came to his current position two years ago largely unknown in technology circles -- was asked how much of a techie the nation’s cyber czar actually needed be.

Daniel said it was important to have a “broad sense” of the role technology plays in cyber policy, then added: “But you don’t have to be a coder in order to really do well in this position. In fact, I think being too down in the weeds at the technical level could actually be a little of a distraction in that sense.”

His remarks blew up on Twitter. Many social media commentators were perturbed that the nation’s top cybersecurity official seemed to be flaunting his lack of technical experience.

The chairman of the Joint Chiefs of Staff led an armored division in Iraq, Alex Stamos, Yahoo’s chief information security officer, pointed out on Twitter. Why shouldn’t the cyber czar be able to configure a firewall himself?

Stamos later tweeted: “The lack of respect shown to information security as a profession by the government is infuriating.”

Daniel: Cyber Not Purely a Technical Problem 

When Nextgov caught up with Daniel after a speech Sept. 16 at the Billington Cybersecurity Summit in Washington, he said if he had to do it over again, he would make sure to expand on his remarks.

"The real underlying issue is the cybersecurity problem is not purely a technical problem,” he explained.

A key part of his office’s efforts, in coordination with the National Initiative for Cybersecurity Education, is to get more cyber-literate technologists trained and into government jobs, he said.

"So that was certainly not my point at all,” he added. “But [it was] that the skill set you need to bring to bear on the cybersecurity problem is very multidimensional and it has many other factors, and you can actually be very successful in this space bringing other skill sets to bear. And that's really what I was saying."

That point was clearly lost amid the wave of articles and blog posts sparked by his original comments, not least in the piece published on tech news site ReadWrite branding Daniel a “total n00b” -- gamer-speak for novice.

Daniel, who was on vacation when the interview was published, said he took the hostile reaction in stride.

“You know, it also just kind of comes with the territory of being in Washington,” he said.

Cyber Czar Wants to Understand Human Element 

In his remarks at the cybersecurity summit, Daniel focused the majority of his remarks on the need to understand the human factor of cybersecurity.

"We still don't understand the psychology and economics of cyberspace," he told the audience packed into the Capital Hilton Hotel in Washington.

The majority of vulnerabilities exploited by the “bad guys” are known weak points. And many of them already have fixes, he said.

“We haven't fully confronted cybersecurity as a human behavior and motivation problem as opposed to just a technical problem,” he said. “And until we really understand the human factor and change our approaches as a result of that understanding, we will continue to fail at solving this problem."

In an address later that day at the conference, Phyllis Schneck, the chief cybersecurity official for the Department of Homeland Security, made the same basic point -- with more of a rhetorical flourish.

“If this were purely a technical problem,” said Schneck -- the former chief technology officer at security software giant McAfee -- “we'd have solved it with a pizza and a Mountain Dew for a few people a long time ago."

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.