Can US Cyber Nerve Center Hold Onto Its New Leaders?

This story has been updated to clarify remarks about the new reporting structure.

On May 6, Department of Homeland Security Secretary Jeh Johnson announced a hotshot hire shortly would be at the helm of the nation's 24-hour cyber watch floor.

The position had been vacant since last September.

It was not until August that Johnson named a respected, in-house assistant secretary and a low-profile HP security chief to jointly head the National Cybersecurity and Communications Integration Center, or NCCIC.

A history of employee burnout at Homeland Security might have factored into the difficulty of recruiting leadership, says a former DHS official who once oversaw the NCCIC (pronounced "N-kick").

"This is the pot calling the kettle black. I contributed to it as much as anyone else,” said Mark Weatherford, who joined DHS from industry, served as deputy undersecretary for cybersecurity and returned to industry after less than two years. "The churn over there within DHS has been problematic."

Two top DHS cyber leaders have already stepped down this year. John Streufert, director of federal network resilience, departed in May after joining the department in January 2012. Bobbie Stempfley left in February, after serving as deputy assistant secretary for cybersecurity strategy and emergency communications since April of last year.

Homeland Security likely wanted a person who would commit to a long run at an operation recently thrown into the spotlight, said Weatherford, now a principal at the Chertoff Group consultancy. 

President Barack Obama visited the nondescript Arlington office space earlier this year to promote the administration’s cyber agenda. The 2014 Federal Information Security Modernization Act positioned the facility as a "central federal information security incident center" and situated it within DHS. 

In May, at a meeting of the President's National Security Telecommunications Advisory Committee, Johnson said the next NCCIC director "will have a direct reporting line to me in terms of information sharing and threat reporting...We're making an effort to attract a real all-star to that position well known to you."

On Aug. 10, Johnson announced Andy Ozment, currently assistant secretary of the Office of Cybersecurity and Communications, will assume overall responsibility of the venture, while John Felker, HP Enterprise Services director of cyber and intelligence strategy, will manage daily operations there.

Weatherford said the new bosses will have to endure political tensions, cross-government coordination issues and a responsibility for keeping the U.S. Internet afloat.  

"It’s an incredibly challenging job," Weatherford said. "You are working with all the other federal agencies. You are working with Congress. You are working with the White House. You are working with the intelligence community, and you are working with all 16 critical infrastructures. It may be one of the biggest leadership jobs in the nation from a security perspective."

And there are no days off, Weatherford said quite seriously. “This is 24-by-7-by-365,” he said.

The new management structure might also take some getting used to. Ozment will retain his assistant secretary title, while reporting straight to Johnson on certain security matters, a DHS official told Nextgov.

Weatherford said he was not sure how the new reporting structure would work. It is unclear if, in some situations, Ozment would go over the heads of his undersecretary and two deputy undersecretaries. 

If so, "you have basically pulled out a huge piece of the organization and now an assistant secretary is reporting directly to the secretary," Weatherford said. "I think it could work well -- but this is a huge organizational shift for DHS.”

Ozment brings to the table academic and policymaking chops, while Felker possesses expertise in supervising an organization.

"Dr. Ozment and Mr. Felker will provide a combination of operational experience, leadership, and strategic insight needed to take the NCCIC to the next level for our cybersecurity," Johnson said in an Aug. 10 statement.

Felker, a 30-year Coast Guard veteran, served as deputy commander of Coast Guard Cyber Command, where he helped stand up the organization. He also led the Coast Guard Cryptologic Group. At HP, Felker worked on business strategies for work with DHS, the Pentagon and the intelligence community.  

Ozment, a former political appointee and cyber researcher, came to DHS from the White House, where he served as Obama's senior director for cybersecurity. He constructed and executed a landmark presidential executive order that yielded a data protection roadmap for businesses of all stripes. A component of that 2013 policy also tasked DHS with sharing unclassified and classified tips about threats with industries vital to the nation, like energy producers.

At MIT Lincoln Laboratory, Ozment published papers on user-friendly online protections and the economics of cybersecurity, among other subjects. As a Marshall scholar, he earned a master’s degree in international relations from the London School of Economics, and a Ph.D. in computer science from the University of Cambridge.