US gets a new cybersecurity czar

The Bush administration said on Monday that it has chosen Amit Yoran, a computer security veteran with experience in the public and private sectors, to oversee the government's cybersecurity efforts.

Most recently, Yoran has been the VP for managed security services at Symantec, one of the largest internet security companies. Previously he worked on the Computer Emergency Response Team at the Department of Defense, which defends the US military's sprawling computer networks, and founded the information-security company Riptech.

Inside the vast homeland security bureaucracy, Yoran will lead a relatively small group: the National Cyber Security Division, which had only 60 employees when Homeland Security Secretary Tom Ridge created it in June. Yoran's division falls under the organisation run by former New York City deputy police commissioner Frank Libutti, who the Senate confirmed the same month as the undersecretary for Information Analysis and Infrastructure.

As head of the cybersecurity division, Yoran will perform two roles. He'll serve as a kind of overseer of the federal government's oft-sluggish computer security efforts, and as an evangelist charged with persuading individual Americans and corporations to improve the security of their own systems.

Yoran is the closest person, so far, to being a successor to Richard Clarke, the long-serving counterterrorism official who quit his White House coordinating post in January. Since then, as the Homeland Security Act has taken effect, the US government's cybersecurity organisations have been reshuffled to concentrate the responsibility inside the Homeland Security Department.

That department took over five agencies that previously divvied up responsibility for "critical infrastructure protection". Those were the FBI's National Infrastructure Protection Center, the Defense Department's National Communications System, the Commerce Department's Critical Infrastructure Assurance Office, an Energy Department analysis centre and the Federal Computer Incident Response Center.

The Business Software Alliance, whose members include Symantec, applauded Yoran's appointment. "Yoran has worked extensively in the public and private sectors to prevent and respond to information security breaches," said Robert Holleyman, the trade association's president. "He knows firsthand the vast threats that exist today and what needs to be done to quickly identify, assess and mitigate those threats."

Declan McCullagh writes for CNET News.com.