DHS officials confirmed his resignation but would not comment further on his reasons or the timing of his departure. Yoran turned in his resignation Thursday, and Friday is his last day on the job.
"I believe hes pursuing other endeavors in the private sector," a department spokeswoman said. "We havent named an interim director yet, but the department will move quickly to fill his position on a permanent basis."
Yoran, a security industry veteran respected both in Washington and in Silicon Valley, joined DHS as the director of the newly created National Cyber Security Division in September 2003. From the beginning, industry observers and government veterans worried that Yoran would not be given enough authority to make the changes necessary to improve the security of the nations infrastructure. And, in the end, that seems to have been the case.
Howard Schmidt, the former chairman of the PCIPB (Presidents Critical Infrastructure Protection Board) and a friend of Yorans, said Yoran deserved a lot of credit for starting from scratch at DHS and forging a strong partnership between the department and the leaders of the private security sector.
"Hes had a really tough job to do, and he contributed his share," Schmidt said. "I dont fault him at all. I was a bit surprised, because I just met with him recently. But I think between the work and his family commitments, he just decided it was time to go."
After leaving Symantec Corp. to take the job at DHS—which other security industry veterans had turned down—Yoran was charged with implementing the National Strategy to Secure Cyberspace, a massive report that was a holdover from the PCIPB. But from the outset, Yoran and his division were hampered by a lack of consensus within DHS and the government at large on which portions of the strategy were the priorities. Furthermore, the strategy was long on generalities and short on specific recommendations, leaving much to the imagination.
But, with the help of a number of security vendors, Yoran created the NCSP (National Cyber Security Partnership), a cooperative effort between industry and government to hammer out a plan for implementing the strategy. The NCSP eventually delivered several reports from a variety of working groups, each of which made specific recommendations for programs and initiatives to help shore up the nations information security.
The NCSPs participants meet on a regular basis and have begun a widespread advertising campaign aimed at increasing awareness of security issues. Schmidt, who is part of the NCSP, said the group will continue to reassess its priorities and added that he thinks both the NCSP and DHS will continue to do good work despite Yorans departure.
"The career people at DHS will continue to do the day-to-day work, and I think Amit will stay involved somehow in the industry," Schmidt said. "This isnt just something you stop doing."
Be sure to add our eWEEK.com security news feed to your RSS news-reader or My Yahoo page: