US-CERT director resigns, plans to work for RSA
Mischel Kwon has headed up US-CERT, an arm of the DHS's National Cybersecurity Division, since June 2008.
"We thank Mischel for her service and commend her leadership and the progress she has made at US-CERT over the past year,” Phil Reitinger, director of the National Cybersecurity Center, said in a statement emailed to SCMagazineUS.com on Monday.
According to a report in the Washington Post, citing anonymous sources, Kwon's position at US-CERT left her “… frustrated by bureaucratic obstacles and a lack of authority to fulfill her mission."
James Lewis, director of technology and public policy at the Center for Strategic International Studies (CSIS), told SCMagazineUS.com on Monday that the DHS' cyberstructure is currently being reorganized in a way that gave Kwon less freedom, making the job less desirable.
“As DHS reorganizes itself, you will probably see more changes like this,” Lewis said.
Kwon is expected to take on a position at security firm RSA in September, where she will serve as vice president of public sector security solutions, the company announced Monday. Kwon's role at RSA will task her with advising organizations on how to better secure themselves against cyberattacks and help develop RSA's security product and solutions strategy.
“We are delighted she is joining our team,” Shannon Kellogg, director of information security policy at EMC, which owns RSA, told SCMagazineUS.com on Monday.
Kellogg added that Kwon's move to the private sector will enable her to continue to play a “vital role” in the public sector by working with RSA's government partners.
Kwon's exit from US-CERT somewhat mirrors the resignation of the former director of the DHS's National Cybersecurity Center (NCSC), Rod Beckstrom, who left in March citing tension between agencies and a lack of funding from the DHS. Beckstrom wrote in his letter of resignation to DHS Secretary Janet Napolitano that he thinks the DHS's cybersecurity efforts were being "controlled" by the National Security Agency (NSA).
“These federal cyberjobs are very challenging,” Beckstrom said in an email to SCMagazineUS.com on Monday. “It is difficult to attract and retain people inside the federal system due to the many rules and regulations surrounding hiring, as well as running operations.”
In addition, Melissa Hathaway, acting senior director for cyberspace for the National Security and Homeland Security council, resigned last week, putting a spotlight on the still-vacant federal cybersecurity coordinator position that President Obama announced in late May.
John Prisco, CEO of government and enterprise security vendor Triumfant, told SCMagazineUS.com on Monday that he thinks Kwon's resignation underscores the reason why the federal cyber coordinator position has not yet been filled – both positions are hindered by a lack of authority, he said.
“I suspect that's the reason it's been so long to get a candidate to step up and take the position,” Prisco said. “The [federal cybersecurity] position has to have the ear of the president … it can't be serving multiple masters."
Lewis said that without coming with direct reporting powers to the president, the position is proving difficult to fill. Obama has said the coordinator will have two bosses: the National Security and Economic councils.
“They are stuck because they want a high-level person and they are offering them a mid-level job, and that's a hard combination to make work,” Lewis said.