The director of US-CERT, which coordinates the nation's response to cyber risks, abruptly has resigned.
Randy Vickers, who headed the U.S. Department of Homeland Security (DHS) entity, will be replaced by Lee Rock, who will serve as acting director until a replacement is named, according to an internal email sent by Roberta Stempfley, director of the DHS' National Cybersecurity Division.
The email was obtained Monday by SCMagazineUS.com.
"Lee has been the deputy director of US-CERT for over a year, and we are confident that our organization will continue its strong performance under his leadership," Stempfley wrote.
A DHS spokesman declined to comment on the reason for Vickers' departure.
Jeffrey Carr, founder and CEO of Taia Global, which consults U.S. and foreign governments on cyberattacks, said he doesn't know what led Vickers to quit. But in his experience with US-CERT, Carr said he has found the agency to be overwhelmed with incident reports.
"They've never had the money or manpower to do the work they need to get done," Carr told SCMagazineUS.com on Tuesday. "Clearly they have a morale issue. Bad morale is maybe the worst illness any organization can have. And with the heightening budget crisis, everybody's worried about what's going to happen."
He said he doubts the departure is directly related to recent hacktivist attacks on federal government properties, including the U.S. Senate and CIA, but it may have been a factor.
"(Vickers) may have just reached the breaking point," Carr said.
The news follows a number of high-profile resignations involving DHS cyber executives.
Philip Reitinger, director of the National Cybersecurity Center at DHS since June 2009, tendered his resignation in May. Reitinger had replaced Rod Beckstrom, who now is president and CEO at ICANN.
In his letter of resignation to DHS Secretary Janet Napolitano, obtained by a number of media outlets, Beckstrom wrote that the center “did not receive the appropriate support” from the DHS during the Bush administration. It needed that support to fulfill the agency's responsibility to protect the nation's cybersecurity across the country's civilian, military and intelligence communities.