Melissa Hathaway, the official in charge of the White House’s 60-day cybersecurity review, gave a speech last night at the RSA conference in San Francisco. The review concluded last Friday, so there were high expectations around the speech: most experts expected her to announce her findings.
Unfortunately, that didn’t happen, apparently because the administration hasn’t read the final report yet. I’m told that the White House deputies committee is meeting to review it today or tomorrow. So we’ll probably see a final copy early next week.
Hathaway did confirm that the final report calls for the White House to coordinate governmentwide cybersecurity policy. (If you want to watch her whole talk, it’s posted here.)
There was one other item from the RSA conference that caught my attention — details after the jump.
You might remember Adm. Dennis Blair’s testimony (pdf) before the House intelligence committee in February. He said the NSA should run governmentwide cybersecurity:
I think there’s one key aspect of this future cyber strategy which this committee and your counterpart in the other body can really help us with, and that is the role of the National Security Agency outside of the intelligence, its intelligence functions. I agree with you; the Department of Homeland Security is finding its footing in this area. The National Security Agency has the greatest repository of cyber talent.
But on Tuesday, during his speech to the conference, Lt. Gen Keith Alexander, the NSA director, said this:
We do not want to run cybersecurity for the United States government. That’s a big job.
Who’s going to be in charge? We’ll find out next week…