U.S. Senators, scared by Chinese hacks of their computers, are calling for a cyber-security czar
. You know, someone who reports directly to the president and would be in charge of ensuring the nation's confidential and classified documents aren't being downloaded by foreign governments.
But isn't that already somebody's job? Like the Chief National Security Advisor or the Secretary of Defense or somebody else who already reports to President Obama?
I'm reminded of Jack Johnson's keynote from TechSec where he made it clear that it's impossible to separate physical and logical security. Say, as part of that hack of a senator's computer, the hacker downloads an iCal file (this is clearly make-believe; no senator is actually on a Mac, I'm sure), and therefore knows where that senator will be every day for the next month. Isn't that a significant physical security threat?
Of course it is. The protection of files and data is tantamount to the protection of people and places and the more you go about separating the two tasks the weaker you'll be in the end.
If you want to emphasize the importance of cyber security, hire a bunch more logical security experts and place them in the service of your top national security people, but don't elevate the threat to a cabinet-level position just because you don't really understand it.