If confirmed, DHS nominee to continue with cybersecurity initiatives

Jeh Johnson intends to generally stick to Obama administration's cybersecurity initiatives

If confirmed, Jeh Johnson, the former high-ranking Pentagon official nominated Friday to head the Department of Homeland Security, is not expected to bring much change to the Obama administration's cybersecurity initiatives.

[DHS secretary Napolitano's exit leaves leadership vacuum]

President Barack Obama chose Johnson in part because of his managerial experience as general counsel of the Department of Defense, where he managed 10,000 military and civilian lawyers all over the world with a staff of 100. Johnson will need Senate confirmation to start his new job.

The ability to manage a sprawling bureaucracy is certainly a requirement for DHS secretary. The agency, formed in the wake of the 9/11 terrorist attack in New York, has 10s of thousands of employees and comprises more than a dozen agencies, from the Secret Service and Immigration and Customs Enforcement (ICE) to the Federal Emergency Management Agency.

"Jeh (pronounced "Jay") Johnson brings considerable DOD experience to this job," Stewart Baker, former assistant secretary for policy at DHS, told CSOonline.

"Since the organizational challenges at DHS are exceeded only by the challenges of running DOD, Johnson's on-the-job training at DOD will serve him well."

Johnson's high-profile accomplishments as chief lawyer for the Pentagon during the first term of the Obama administration included his legal authority over all drone strikes and his advocacy for allowing gays to serve openly in the military.

Because the administration has already set cybersecurity policy, Johnson is expected to leave the execution to others.

"He'll certainly appreciate the importance of cybersecurity as an issue, but I think it's too soon to say that he'll take a different approach," Baker said.

"DHS's challenges there are much more about execution than about policy, so I wouldn't expect a great change."

Obama issued an executive order in February that put into play those cybersecurity initiatives that do not need congressional approval. Key elements of the order included a Cybersecurity Framework for setting standards to mitigate risks and having government agencies share cyberattack information with the private sector.

Regulations that would make private sector participation mandatory would have to come from Congress, which is considering several proposals. The DHS plays an important role in advising lawmakers on the administration's positions.

[DHS, FBI warn over TDoS attacks on emergency centers]

Like his predecessor Janet Napolitano, Johnson is expected to make national cybersecurity a top priority at DHS. Napolitano resigned in September to lead the University of California system.

"Cyber will be among one of his top agenda items, no doubt," James Forest, director of the Graduate Program in Security Studies at the University of Massachusetts, Lowell, said.

"Since he's reportedly smart and politically savvy, I would bet he'll surround himself with a bunch of very smart people to tackle these issues."

Critics denounce Johnson for his role in the Obama administration's use of drones in the nation's war on terrorism. As Pentagon general counsel, Johnson said the attacks were legal because the terrorists killed were legitimate targets in a military conflict.

Johnson has said that a time will come when enough Al Qaeda leaders are killed or captured to neutralize the terrorist organization.

"That is delusional because the drone strikes are manufacturing terrorists faster than it is killing them," Peter Ludlow, a professor at Northwestern University who has written extensively on national security issues, said.

Republicans have already gone on the offensive against Johnson, saying he lacks the experience to oversee the three immigration services under the DHS, which include the two enforcement agencies, ICE and Customs and Border Protection, and Citizenship and Immigration Services.

[Plans to centralize cybersecurity with DHS seen as step forward]

"After this administration's mismanagement of DHS, in particular its failure to secure the border, Texans expect a nominee with serious management and law enforcement experience," Sen. John Cornyn, the second-ranking Republican in the Senate, told The Washington Times.

"Rather than selecting someone who knows the unique dynamics of our Southern border, President Obama has tapped one of his former New York fundraisers. We need someone who knows how to secure the border, not dial for dollars."

Johnson was a top fundraiser for Obama's 2008 presidential campaign.

Join the CSO newsletter!

Error: Please check your email address.

Tags securityU.S. Department of Homeland Securitygovernment

More about FBIFederal Emergency Management Agency

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Antone Gonsalves

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts