[ISN] Q&A: Homeland security CIO Steven Cooper

From: InfoSec News (isnat_private)
Date: Wed Jul 24 2002 - 03:46:45 PDT

  • Next message: InfoSec News: "[ISN] Cybercorps to extend to states"

    Forwarded from: William Knowles <wkat_private>
    JULY 23, 2002
    Steven Cooper, the new CIO of the White House Office of Homeland 
    Security, spoke this week with Computerworld about the challenges he 
    faces as he works to pull together information and resources from 
    disparate federal agencies for the fight against terrorism. Cooper, a 
    former CIO at Corning Inc. in Corning, N.Y., joined the Bush 
    administration in March. 
    Q: What are the first projects you're going to be tackling? 
    A: We're starting on two parallel tracks. Our job is national in 
    scope. It's not just federal. As a result, while the initial work will 
    focus on the federal agencies that will comprise the Department of 
    Homeland Security, what we really need to do is look at all the 
    end-to-end business processes of homeland security as they also 
    interact with state and local governments, private sector and 
    Q: Is adopting metadata standards a key to that? 
    A: That's part of it. That's how we have to ensure that linkage to 
    things outside the federal government. There's a huge difference 
    between these wonderful proclamations we make about XML now being the 
    latest generation's silver bullet. But come on, let's get real guys; 
    this industry has been trying to pull this thing together for 40 
    years, and we still haven't gotten it right. And it isn't about the 
    ability to technically connect stuff; that's simple. I can hook 
    networks together. I can hook applications together. I can hook 
    databases together. What about the exchange of information in a 
    meaningful manner? Now we're talking about something completely 
    So one of the things that we have to figure out is a way to drive -- 
    not because we're going to get it right first shot out of the box -- a 
    dialogue across a broad community at large where we can very quickly 
    begin to figure out where we have agreement and where we don't. Let's 
    leverage where we have agreement. And I am talking about metadata 
    standards, and I am talking about the meaningful content of the 
    information we need to integrate. Where we don't, let's figure out a 
    way to either engage the right standards organizations. Although they 
    tend to do good work, it takes a little bit of time. Or can we create 
    some intergovermental/industry working groups? Not because anyone's 
    going to issue a federal mandate or make it a law, but because we 
    think these are ways people can collaborate and work together. 
    Q: Of course, XML standardization work has been a slow, tortuous 
       process. Can you afford to be that patient? 
    A: What I would like to see is we could get the right folks together 
    and reach some type of consensus that's basically a win-win for 
    everybody involved. That's the ideal. Now, if that doesn't work in a 
    time frame where we need to accomplish some things, I do think we may 
    [have] to move to: If you're going to interact with the federal 
    government, then here is the format, here are the XML tags, here is 
    how you send it to us. Then yes, it is going to become a little less 
    We're talking about homeland security. We're fighting a war. We're 
    talking about protecting lives and property. There is an urgency 
    around this. So, getting the balance right, we will probably err on 
    the side of: If we think it's taking too long, we're going to move 
    forward. And that may upset some people, but hopefully it will be a 
    small subset. 
    Q: And we're talking XML here, not electronic data interchange (EDI)? 
    A: I think we're talking primarily XML because that's where we have 
    the least investment thus far, therefore the highest probability of 
    not messing up legacy stuff where people have sunk a lot of money. 
    Could we use EDI in communication of information that's already well 
    established? Yes. I'm not sure I'd call it leading edge or bleeding 
    edge, but it works. 
    Q: What will be the role of the Critical Infrastructure Assurance 
       Office (CIAO)? 
    A: It is tasked with the primary responsibility of 
    critical-infrastructure protection. As such, it is, we believe, an 
    excellent place to house the information integration program office. 
    I, being in the White House Office of Homeland Security, really act in 
    an advisory role, not an operation role. CIAO director John Tritek 
    acts in an operation role. I provide strategic guidance and basically 
    help establish the key objectives, performance measures, critical 
    success factors, those types of things. John will have the primary 
    responsibility for ensuring that the office is in fact operating to 
    the objectives and goals that we have jointly established. 
    "Communications without intelligence is noise;  Intelligence
    without communications is irrelevant." Gen Alfred. M. Gray, USMC
    C4I.org - Computer Security, & Intelligence - http://www.c4i.org
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Wed Jul 24 2002 - 06:41:02 PDT