No one dare comment
The US government's cybersecurity chief abruptly quit last week amid allegations his office was woefully underfunded and unduly controlled by the country's ultra-secretive National Security Agency. Rod Beckstrom was named last year to head the NCSC, or National Cybersecurity Center, an office within the Department of Homeland …
"it has received funding for just five weeks and had only five people working there"
The last thing the NSA et al wants is people to actually *pay attention* to cyber security, after all, that would just make their job (of snooping on everyone and everything) more difficult, wouldn't it?!
I can understand and empathise with Mr. Beckstrom's comment that "The intelligence culture is very different than a network operations of security culture." It''s ESR's Cathedral and the Bazaar redux. The sad thing is that the distinction is so transparently obvious to people on one side of the divide, but the other doesn't want to admit, much less accept the realities of the modern world. We don't need more closed guild structures, committees of mandarins or any other cliques of neo-Platonist "betters" telling us what to do and how to do it. The sooner these people (any group based whose power is based on secrecy, proprietary knowledge or "chosen" status, basically) get over their own puffed-up sense of self, the better for all of us. The future doesn't need you: stand aside.
Intelligence agencies should not be allowed to *control* any part of a national stance, or determine related policy for that matter. Each agency is strictly a servant of democratically-elected, civilian government. Sure, they can make policy suggestions and report their activities to a responsible oversight committee (well, they should be doing that!), but the decision is not up to them. So, in cybersecurity, in makes perfect sense that the policy and coordination role lies outside any intelligence agency.
That's why they publish papers on securing various operating systems, for free on their web site.