Tom Davis, a moderate Republican from Virginia, has emerged as a leading candidate for the Obama Administration's newly created position of cybersecurity czar. Sources familiar with the White House's deliberations on the subject say Obama officials feel a Washington power player would make a better candidate than a tech guru. "They want someone who understands technology issues, but more importantly, knows how to get things done in Washington," says a cybersecurity expert who has been consulted by the White House. "There are very few people who have that combination of skills, and Davis is at the top of that short list."
Davis, who served in the House of Representatives for seven terms before retiring last fall, is a Hill veteran with extensive experience in technology policy. He authored the Federal Information Security Management Act in 2002, chaired the Subcommittee on Technology and Procurement Policy and was a co-chair of Congress's Information Technology Working Group. (He also led the powerful House Committee on Oversight and Government Reform and is popular on both sides of the aisle in Congress.) Crucially, Davis also has good connections to the IT private sector. His district, the 11th, is bristling with technology companies. Since retiring from Congress, Davis has joined the consulting firm Deloitte. Davis was not available for comment.
Obama announced last month that he would personally pick the cybersecurity czar, who would report to the National Security Council and the National Economic Council. The cybersecurity community has for weeks been speculating about who will get the job. Many experts agree the President should not limit his search to tech gurus. "You don't need a doctor running health care, and you don't need a technologist running cybersecurity," says retired Major General Dale Meyerrose, of the consulting firm Harris Corp., who until recently was chief information officer for the Director of National Intelligence.
Meyerrose says the challenges facing the President's nominee will be more administrative than technological. "The questions he will be asking are: What's the role of government? What's the role with our allies and other nations? What's the role of the public?" he says. "Most of the issues have nothing to do with technology and everything to do with getting things done in a bureaucracy and making things known to the public."
Rod Beckstrom, a Silicon Valley entrepreneur, points out that Obama's nominee will need political skills to deal with the many voices that will want to be heard on cybersecurity, including many government departments the Pentagon, various intelligence agencies and the Department of Homeland Security, among others and private-sector bodies. "There's a lot of rice in this particular rice bowl," Beckstrom says. He knows from personal experience how difficult that can be: earlier this year, he quit as Director of the National Cybersecurity Center in March, citing interdepartmental politics.
Davis is not the only candidate with Washington cred. Another leading candidate is Melissa Hathaway, who led Obama's 60-day cybersecurity review and previously advised President George W. Bush on cybersecurity issues. Also in the running are Frank Kramer, who was assistant defense secretary for international security affairs under President Bill Clinton, and Howard Schmidt, another adviser to Bush on cyberspace security and protection of critical infrastructure. Schmidt also has extensive private-sector experience, including stints with eBay and Microsoft, where he was chief security officer.
Others in contention include Paul Kurtz, an Obama adviser who served in the National Security Council under both Bush and Clinton, and former FBI intel boss Maureen Baginski. Dark horses from the private sector include Sun Microsystems' Susan Landau and Scott Charney, currently head of Microsoft's cybersecurity division.
The White House has not indicated when it will announce Obama's nominee, but a decision is widely expected in the next few weeks.