Dive Brief:
- The National Security Telecommunications Advisory Committee presented a letter to President Barack Obama last week suggesting that the administration’s effort to add the first-ever federal CISO could be "disruptive," according to a report from Nextgov.
- The group of 30 industry executives, responsible for advising Obama on technology and national security, said that the role will require "top-down support" to be effective.
- The committee was asked to weigh in on the administration’s Cybersecurity National Action Plan, which was released in February as part of the president’s fiscal 2017 budget request.
Dive Insight:
Adding a new IT security chief could be "disruptive" if the new position eclipses the work of existing agency CISOs, according to the committee.
"Clearly designating a CISO’s responsibilities is key, and empowering a new CISO with top-down support and engagement is essential to minimize disruption," the letter said. "In industry’s experience, a one-off announcement is not sufficient; companies that have successfully integrated CISOs as empowered enterprise risk managers have done so over a period of time."
The committee suggested a new CISO would need to have a clearly defined role, including the authority to "assess risks across agencies, establish baseline security requirements and measure compliance and recommended the CISO play a key role in setting and approving IT security-spending priorities."
Administration officials hope to have a new CISO in place by May.