DHS and Cybersecurity: Yes, No, Maybe So?
[FUD Watch with CSO Senior Editor Bill Brenner] A lot of smart people think the Department of Homeland Security is too inept to handle our online defenses. But moving cybersecurity elsewhere won't necessarily solve the larger problem.
Really, you think adding another layer to the bureaucracy will make this better? I agree with your first security expert that cyber security should stay where it is and we should get some competent leadership at the helm of DHS and reform the agency rather than break it back up into the smaller pieces it once was.
Actually the "physical world" still has a different way of thinking when compared to the "cyber world". Granted they are converging, but the culture between the two is still very different. I believe this is one of the reasons why very little has been accomplished in the cybersecurity efforts under DHS. If you don't understand the "cyber world" and have only dealt with the "physical world" (physical security), you will be either ineffective or incompetent.
They need to be separated so that cybersecurity gets appropriate attention. DHS simply can't relate.
DHS is part of the "Executive Branch". Keep cybersecurity where it's at, but establish an office on the President's staff. Appoint a competent executive with delegated clout to provide oversight. This will heighten visibility and provide a single belly-button for emphasis.
I have taken some of the DHS courses in some areas of anti-terrorism and cybersecurity. They were pretty good. The best Homeland Security courses I took were from the Navy Post Graduate School. DHS has problems with their image. I think the military deals with this better but the Air Force cannot find a home for the 24th AF Cybersecurity except with Space Command. The AF and Navy use more computers than anyone and if they can't get it right who can? I am biased because I learned cybersecurity from the Navy. But they seem to have the handle on it better than civilian agencies. DHS has too many layers of management. I think putting the function in the White House is an idea that might work at least with this president who uses electronic communications better than past presidents. The military is still directly controlled by the president and higher quality computer jocks roam their hallways.
I have to say that articles like this, and subsequent commentary scare the pants off of me.
First, in hindsight, the breaches of trust and constitution by the Executive branch tell me that it is NOT where network security focus should be for the entire country. Remember, they seem incapable of archiving emails, never mind protecting them.
Second, keeping government secrets is not simply a network administration function. Network administration and security is only PART of that. Imagine if we had NASA telling all other government branches how to secure their data? We already have someone doing that... can you say NSA? They offer best practices and actual security developments with commercial vendors etc.
Third, Where is the data that supports creating such a department? The DHS has not shown they are capable of anything except covering up for bungling government bureaucrats. For all their efforts, air travel still isn't safe - apparently.
Fourth, Where is the data that supports saying that Internet and network security efforts of business and current government agencies have failed? If it isn't broken, don't fix it. Show me the threats, the damage suffered, the actual data to validate creating a new Executive Branch office to oversee security of the entire country?
Fifth, CSO magazine *SHOULD* have people smart enough to know better than post FUD rhetoric to the public. Shame on you. I'm losing faith in your publication.
I appreciate the feedback, "anonymous," though I'm not sure I understand what's shameful about having a reasoned debate about which part of the government is best equipped to handle cybersecurity. As I stated in the column, I'm not 100 percent certain what the best approach would be. That's why I wanted to invite readers to participate in a discussion.
In my opinion, it doesn't matter where the responsibility is put if it remains a sub-function of another agency. Until we realize (like other countries have) that managing cyber-security (and technology) is critical to all people and organizations and should be treated as a separate and specific department level function, we cannot hope to set effective overall cyber-security or technology standards for government or commercial organizations. The risk is too high to try to manage/control an area such as this by an organization with limited or no authority. If moving the office under the President provides some "teeth" to cyber-security protectors, it is a good idea.
The commission's reason that DHS is incompetent is somewhat a cheap shot and trite, I agree. But they also gave what in my opinion is a much better reason for moving it out of DHS and into the OTP. That reason was that cyber security is not just a domestic security issue and cannot be treated just like it's border control or airport security, etc. Only at the Prez level can DoD, DHS, State, etc. be brought together to cooperate. DHS would still retain the domestic infrastructure IPS responsibility.
"I have to say that articles like this, and subsequent commentary scare the pants off of me."
Why? What are you afraid of? The days of security through obscurity are over, and if something can't stand the light of day, it's usually because of its shortcomings.
Despite some tough circumstances, the agency is doing some very good things to improve the nation's cyber security. The best move is to help this young agency grow and eventually blossom into the force that it needs to be to secure the federal government and assist other levels of government as well.
Moving the functions into the Office of the President would give cyber security more visibility. However, IMHO, these types of offices, whether at a national, state, or local level, are not well suited to long-term planning - something that is desperately needed at this stage of the game. Rather, their focus tends to be on the bright shiny light of the day.