Feeds

Securing cyberspace against war, terror and red tape

DHS's Greg Garcia in the hot seat

The essential guide to IT transformation

Interview In September 2006, the US Secretary of Homeland Security appointed Greg Garcia assistant secretary for cybersecurity and telecommunications. With oversight for the National Cyber Security Division, the Office of Emergency Communications and the National Communications System, he is the federal government's point man for securing the nation's internet and telecommunications' systems against attacks from terrorists or countries that may target the US.

The Register sat down with him during the RSA security conference and a couple of things quickly became clear: One, he'd much prefer to see free market forces secure cyberspace than rely on the long arm of the government; and two, like the president he serves, he believes the execution of his duties is pretty much flawless.

El Reg: It's been about 18 months since you've been on the job. That's a nice number for report cards, or to check in and see how you're doing. In your judgment, what are your biggest accomplishments and what's the biggest failure or thing that you would have liked to accomplish that you haven't?

I think the biggest accomplishments so far are just the level of visibility that cyber security has taken on, not just in the DHS but across the government. I think the cyber initiative is the evidence of that. Leading up to that we had a number of very compelling accomplishments, the biggest of which was in May of last year we released the 17 sector specific plans as part of the national infrastructure protection plan.

This is where each of the critical sectors got together with their agency counterparts in the federal government, sat down side by side, two pens and a piece of paper and mapped out what commitments we are going to make collectively to do the national vulnerability assessment that's necessary across our networks and take the steps to mitigate them. That was a true illustration of the partnership model at work and that it's working. There were trust relationships built around that.

I think over the past 18 months I would look back and say the level of engagement of this partnership between the private sector and the public sector is I think a tremendous accomplishment.

The essential guide to IT transformation

More from The Register

next story
GCHQ protesters stick it to British spooks ... by drinking urine
Activists told NOT to snap pics of staff at the concrete doughnut
Britain's housing crisis: What are we going to do about it?
Rent control: Better than bombs at destroying housing
What do you mean, I have to POST a PHYSICAL CHEQUE to get my gun licence?
Stop bitching about firearms fees - we need computerisation
Top beak: UK privacy law may be reconsidered because of social media
Rise of Twitter etc creates 'enormous challenges'
Redmond resists order to hand over overseas email
Court wanted peek as related to US investigation
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
NZ Justice Minister scalped as hacker leaks emails
Grab your popcorn: Subterfuge and slur disrupts election run up
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.