The White House official charged with reviewing cybersecurity pol...

and Homeland Security Councils, said she finished Friday the 60-day review, which “included Saturdays and Sundays.” The scope of the cyberthreat is illustrated by an attack in November 2008 that illicitly emptied ATMs in 49 cities around the world in 30 minutes, Hathaway said. She said the recommendations will include a “White House organizational structure” that includes “an action plan for identifying and prioritizing work in this area,” but she didn’t specify whether it would include presidential leeway to cut off networks at risk of attack, as envisioned in a bill by Senate Commerce Committee Chairman Jay Rockefeller, D-W.Va. (WID April 2 p4). “It can be said that the federal government is not organized appropriately … because responsibilities for cyberspace are distributed across a wide array of federal departments and agencies, many with overlapping authorities and none with sufficient decision authority to direct actions that can address the problem completely,” Hathaway said. “Scores of legal issues emerged” in the review, covering the “aggregation of authorities,” data-sharing with third parties and liability protections for the private sector. Her team had 40 meetings with groups, which will see “your influence in our report when it is released in the coming days,” Hathaway said. “Our outreach involved unprecedented transparency and engagement for a National Security Council initiative” that was vital to its success. Hathaway’s movie- trailer summary said the U.S. responsibility in cyberspace “transcends the jurisdictional purview of individual departments and agencies” and “requires leading at the top” from the White House, agencies at every level, business executives and schools. The U.S. has a “unique opportunity … to work with countries around the world to make the digital infrastructure a safe and secure place that drives prosperity and innovation for all nations,” she said. Hathaway was careful in describing the relationship between government and business, especially owners and operators of infrastructure. The federal government “cannot entirely delegate or abrogate its role” in defending against cyber attack, but its interests are “intertwined” with the private sector. “Information is key” to that defense, she said without specifying how much the government or business should share information with each other. They should aim to “optimize our collective research and development dollars” and work to improve market incentives for secure hardware, software and managed services, Hathaway said. Citing the book Influencer, she asked the audience to use “peer pressure” to raise interest in cybersecurity. “We need to sow the seeds for a national dialogue, nurture them, even see them in our dreams, to help this critical conversation grow.”