Modernizing Authentication — What It Takes to Transform Secure Access
Barely a year after taking the job, Amit Yoran resigned Thursday as the country's highest-ranking cybersecurity officer. The resignation was effective immediately and continues the three-year turnover trend in the cybersecurity leadership of the Bush administration.
According to the Associated Press, Yoran's abrupt resignation was prompted by his frustration over a lack of focus on computer security issues within the administration. A Department of Homeland Security (DHS) spokesperson confirmed this was Yoran's "last week at DHS."
"Mr. Yoran has been a valuable contributor to homeland security over the last year and we wish him well," the spokesperson said.
Yoran was not immediately available for comment.
"Director Yoran brought a vast amount of experience and technical expertise to the issues of information security, and I wish to thank him for his contributions during his tenure," Rep. Adam Putnam (R-Fla.), chairman of the House subcommittee on technology and information policy, said in a statement. "I look forward to continuing working with the National Cyber Security Division and all public and private stakeholders to dramatically reduce the threat produced by computer worms and viruses, spam, spyware, hackers, criminals and terrorists. Director Yoran was a key factor in affirmatively moving these efforts in a forward direction."
DHS Secretary Tom Ridge appointed Yoran as director of the DHS' National Cyber Security Division (NCSD) in September of last year. Earlier in 2003, Bush dismantled a special cybersecurity board that reported directly to the White House and transferred the board's duties and responsibilities to the DHS.
Richard Clarke, the White House's director of the board, refused to head the new organization created at the DHS, saying there would be too many bureaucratic layers between him and Ridge. Howard Schmidt, Clarke's deputy on the White House board, resigned in May 2003 to become the chief information security officer for eBay.
The top spot at NCSD remained vacant throughout the summer of 2003 until Yoran accepted the position. Yoran was a co-founder of Riptech, an Alexandria, Va.-based firm that focused on government cybersecurity. In July 2002, Symantec bought Riptech for $145 million, and Yoran stayed on as vice president for managed security services.
The NCSD has an $80 million budget and 60 employees. Its primary responsibilities include conducting cyberspace analysis, issuing alerts and warnings, improving information sharing, responding to major incidents, and aiding in national-level recovery efforts. With Yoran at the helm, the NCSD began a program that allowed subscribers to receive e-mails about virus outbreaks and proper responses to the attacks.
In the aftermath of 9/11, the government reviewed the nation's critical infrastructure and decided it could not improve security alone, considering 85 percent is owned by the private sector.
In February 2003, the Bush administration officially released its National Strategy to Secure Cyberspace, which called for a voluntary partnership between the public and private sectors to share security intelligence, reduce vulnerabilities and deter malicious entities. Critics have attacked the plan as too loosely based and too dependent on private enterprise without enough checks and balances.