Expert: Cyber-Czar Will Be 'Underwhelming' Choice

The Obama Administration is set to introduce a "cybersecurity coordinator" to help the United States craft policies that will beat back hostile incursions into public and private databases and systems, but hasn't made his pick known yet.Saddled with enormous responsibilities, many experts fear that the so-called czar's power will be undercut by bureaucratic turf battles because the position is supposed to report to both the U.S. National Security Council and the National Economic Council.

But if the Administration's track record so far is any indication, Obama is likely to pick a pragmatic manager rather than a thought-leader for this position -- in other words, someone who won't butt heads with others because they think they know better.

Jack Thomas Tomarchio, former Deputy Under Secretary for Intelligence and Analysis Operations at the Department of Homeland Security, told me that Obama "is governing as a pragmatist" and is likely to pick someone in a similar vein. "There's going to be a lot of bureaucratic rice bowls overturned, so you're going to need someone to navigate that," he said. (As an early member of a a new bureaucracy himself, Tomarchio has first-hand experience navigating those overturned rice bowls.)

Tomarchio told me the choice will likely be "underwhelming... maybe some retread military guy."

So in other words, don't expect an expert from Silicon Valley or academia to fill those shoes. Whoever this person is, they're more likely to be conciliatory than commandeering; not only will he or she have to report to those two departments, but will have to play nicely with private sector utilities, local government agencies, security vendors and various branches of the military and intelligence community as well.

Mind you, this isn't part of the typical virus hype cycle. Tomarchio assured me the risk to national security is real and growing. "We're under consistent and pervasive attack around the clock, and it runs the gamut of nations, organized crime activities, terrorist groups, and what I'd call your run of the mill hackers," he said.

Public and private sector organizations are being consistently invaded by adversaries, and "a staggering number of countries are engaged in active cyber-collection against our government systems," Tomarchio said.

The Administration isn't standing still while awaiting the new czar. Tomarchio told me that he recently participated in a cyber-warfare exercise sponsored by the CIA, with around 150 participants from private, public and not-for-profit organizations. He said the exercise was "valuable to learn our strengths and weaknesses."

The so-called "after-action" report is still to come.

One question with which the cyber-czar will have to grapple is how much security the government can build in without invading the privacy of its citizens. Many security experts believe that identity management is the only way to protect systems efficiently, but Americans have little appetite for being tracked, even when the cookies are for their own good. That may end up being the messiest rice bowl of them all.