WASHINGTON, Feb. 27 (UPI) -- The new job of Scott Charbo, the man President Bush has picked to head up the protection of U.S. computer networks, involves countering threats from Russian hackers, Chinese cyber spies and Internet Jihadis. But perhaps his most immediately dangerous adversary is the chairman of the House Homeland Security Committee.
The two men will be face to face Thursday, when Charbo, the deputy undersecretary for the National Protection and Programs Directorate at the Department of Homeland Security, is to testify on Capitol Hill about the Bush administration's much-awaited cybersecurity initiative.
Earlier this month, less than 24 hours after Charbo, until then the department's chief information officer, was promoted into his new job, committee Chairman Rep. Bennie Thompson, D-Miss., fired off an angry letter to his boss.
The veteran federal official had been guilty of "an incredible and unacceptable dereliction of duty" while in charge of the department's information technology systems, Thompson wrote Homeland Security Secretary Michael Chertoff.
Charbo's new job makes him the key federal official with responsibility for implementing the classified cybersecurity initiative that Bush signed last month, much of which remains secret.
One unclassified part of the initiative is the Einstein program, which aims to give officials what they call "real-time situational awareness" of federal networks -- meaning they can watch for hackers or other intruders as they seek to break in and try to nip security problems in the bud. Officials say Einstein is the key to stopping hackers, especially those thought working for the Chinese government, accessing federal computer systems.
The Department of Homeland Security's new National Protection and Programs Directorate, created when Congress stripped the Federal Emergency Management Agency out of DHS and restored its status as a stand-alone entity, is in charge of implementing Einstein, first in the department and then throughout the federal government.
Budget documents show that the administration is requesting 139 more staff positions and $186 million more for the directorate's infrastructure protection and information security programs next year than Congress gave it this year.
"We are building an agency," said Charbo of the new directorate. He told United Press International in a recent interview that one of his first tasks was "hiring and bringing people on."
He said the rollout of Einstein could serve as a model for the administration. "Thirty percent of the (network intrusion) sensors (deployed) within federal government networks are in DHS," he said. "A lot of the efforts we made (at DHS) will have to be repeated across the federal government."
Charbo would not comment on Thompson's charges, but there is concern from other officials that the chairman's vehemence over his promotion could overshadow the committee's oversight of the whole cybersecurity initiative. Thompson wrote Chertoff it was "unfathomable" that he should put Charbo in charge of the policy.
The letter notes that, in 2006, while Charbo was chief information officer, there were a series of intrusions into departmental networks, some of which exported data to Internet addresses in China. Thompson says that Charbo took a "laissez faire attitude" to the intrusions.
"The bottom line is that they are promoting someone to head this new initiative who can't do his job," said Thompson spokeswoman Dena Graziano.
Charbo's defenders say he is the victim of a highly personalized campaign on Capitol Hill over the breaches -- which are comparable is size and scope to those experienced by many other federal departments and agencies, including the Pentagon and the Department of Energy's nuclear laboratories.
"The scale was comparable to that (experienced by) other U.S. government departments and agencies," said former DHS preparedness chief George Foresman. "They wouldn't have been unusual for the private sector either.
"These kinds of intrusions happen every day," continued Foresman. "They weren't catastrophic ... I never saw any reports that critical classified networks were compromised."
Foresman said that Charbo had found himself in a situation familiar to many officials at the department. "There are so many priorities they become competing priorities."
Charbo said when he arrived at the department, officials had not yet completed a survey of the so-called legacy systems inherited from the 22 agencies merged into DHS.
"They hadn't even documented what systems they had," he said, adding that only 20 percent of them were certified and accredited according to federal security regulations. By last year, he said, that proportion has risen to 88 percent.
"The legacy systems were at varying levels," recalled Foresman. "It was not as simple as just plugging them all together. … Some of them came in the door in an exceptionally poor state from a security and operational standpoint."
Another former official who served at the department last year said that Charbo had a very "abrasive" personality, and had helped make himself a target by his failure to play the Washington game. "He wouldn't take meetings, he wouldn't kiss ass," said the former official. "He rubbed people all over town the wrong way."
