Melissa Hathaway steps down from consideration to be U.S. cyber czar

August 4th, 2009

melissahathawayFor Melissa Hathaway, the Mission, in the end, did prove to be Impossible.

Hathaway was widely hailed for completing a 60-day review of U.S. cybersecurity policy, setting up President Obama’s milestone May 29th speech, in which he became the first head of state to articulate the necessity for explicit national  policies to make the Internet safer.

After her appearance last April as a keynote speaker at the RSA 2009 security conference in San Francisco, in which she spoofed her task in a Mission Impossible skit, some considered Hathaway a front runner to be named Obama’s cybersecurity adviser.

But yesterday she removed herself from consideration. The move could shake things up and pave the way for the selection of a so-called cybersecurity czar from a short list of finalists, which Obama been mulling for some eight weeks now.

“She is, as always, a gracious leader,” Alan Paller, research director at The SANS Institute, says of Hathaway. “When she learned she was not to be the choice, the best thing she could do to raise the priority of selecting the new person was to leave.”

White House weighs in

A White House statement notes that Hathaway had been on temporary detail to the National Security Staff from the Office of the Director of National Intelligence. Her initial assignment was up on April 9th and her second detail officially ends August 9th.

“We are grateful for her dedicated service and for the significant progress she and her team have made on our national cyber security strategy,” says White House spokesman Nick Shapiro. “Cyber security is a major priority for the President.”

Shapiro re-iterated the key takeaway from Obama’s historic speech: that a selection process was underway to fill the newly created post of “White House cyber security coordinator.”  He also noted that the appointee ” will have direct access to the President,”  and that the administration “is pursuing a new comprehensive approach to securing America’s digital infrastructure.”

“The President is personally committed to finding the right person for this job,” says Shapiro. “A rigorous selection process is well underway.”

Lack of empowerment

“Hathaway told Washington Post reporter Ellen Nakashima that she wasn’t empowered to “drive the change” called for in her review and punctuated by Obama’s historic speech. The central notion — that White House leadership is necessary to stem rising cyber threats — was hammered out in two years worth of consensus building among business and military leaders, lawmakers and regulators, and the intelligence community.

The Center for Strategic and International Studies’ last December presented Obama with this stack of recommendations. The document has been downloaded more than 30,000 times. And supporting proof points came in this report by the Government Accountability Office.

“I’ve concluded that I can do more now from a different role,” Hathaway told Nakashima.

More questions than answers

The devil, as always,  is in the details. Two sweltering months of summer have elapsed with the White House still debating who should take the hot seat, and how much of the president’s ear that person will have.

todd_mcclelland_crop“At present, there are more questions than answers regarding the new position.  What will he or she really do? ” remarks Todd McClelland, partner at the influential Washington D.C. law firm, Alston & Bird. He said the legal community is calling for the czar “to establish clarity regarding security and privacy rules and regulations.”

Daniel Ives, an analyst at FBR Capital Markets, says there is no indication that Obama is close to naming anyone to the post.

“We fully expect more speed bumps, ” says Ives. “This cybesecurity initiative is a massive, multi-decade task that will be very onerous, complex, and touch agencies across the entire government as the US undergoes a major facelift on its security infrastructure.”

Photo caption: Hathaway at Moscone Center, San Francisco, April 2009,  delivering ‘Mission Impossible’  keynote speech at RSA security conference. photo by Byron Acohido

–By Byron Acohido