The US Department of Homeland Security has finally appointed an assistant secretary for cybersecurity after a year without anyone in the post.
Formerly vice president of information security programs and policy at the Information Technology Association of America, Greg Garcia, has been appointed.
Before joining the ITAA in 2003, Garcia was a member of the professional staff of the US House Science Committee's sub-committee on research, where he was involved in programs related to IT. Garcia has also worked for 3Com and was the "coalition manager" of a now-defunct group called Americans for Computer Privacy.
His appointment ends a search that began last October when DHS secretary Michael Chertoff created the position in a bid to elevate the importance of cybersecurity issues within the agency.
Since then, the DHS has been under increasing pressure from industry groups and federal lawmakers to fill the position expeditiously. Just a week ago, a congressional hearing was told the delay in finding someone for the job had considerably weakened the agency's ability to co-ordinate a strategy for responding to a cyberattack against the nation's critical infrastructure.
But George Foresman, DHS undersecretary for preparedness, said at the hearing that the agency was in the final stages of reviewing the credentials of an individual who was "very qualified" for the cybersecurity job. That was an apparent reference to Garcia.
Garcia's appointment is "a very positive development," said Shannon Kellogg, director of government and industry affairs at EMC's RSA software division. In particular, Kellogg pointed to Garcia's role in helping to develop the Cyber Security Research and Development Act during his stint with the House Science Research Subcommittee.
"It took a while to make this appointment," Kellogg said. "But the DHS clearly has someone who is respected by the industry, government and on Capitol Hill."
Others are not quite so certain. Garcia is seen in technical circles as more of a policy wonk in a job that demands a high level of technical understanding.
The technical community's first choice for the role, former chief security strategist for US CERT, a former cybersecurity "czar" for the DHS and security chiefs for both Microsoft and eBay in the past, Howard Schmidt, was pipped to the post by Garcia for what many believe were political rather than pragmatic reasons - Schmidt quit the earlier, lower-level cybersecurity post in the White House in 2003, making him one of just five people to sit in that role in just three years.