By Calvin Biesecker and Geoff Fein
President Obama yesterday selected Howard Schmidt, an information security expert with wide ranging experience in the public, private and law enforcement arenas, to be the country’s first Cybersecurity Coordinator, charged with working across government and industry to promote the security of the nation’s computer networks.
Schmidt said in a video clip on the White House blog that Obama has directed him to focus on four key priorities including the development of a new comprehensive strategy to secure the country’s cyber networks, “ensuring an organized, unified response to future cyber incidents.”
“He needs to get up to speed on all government [cyber security] initiatives” to have an understanding of what the capabilities are across the various government agencies and departments,” Steven Bucci, cyber security lead at IBM’s [IBM] Public Sector business, told Defense Daily. Right now these agencies and departments have “uneven capabilities” yet the government needs to be able to “protect all pieces of the puzzle the same.”
Schmidt’s other priorities include bolstering public and private partnerships domestically and abroad, promoting the research and development of the next-generation of security technologies, and leading a national campaign to promote cyber security awareness and education, Schmidt said. Schmidt will also advise Obama on cyber security matters, be a member of the National Security Council staff and work with the president’s Economic Council.
Creation of the Cybersecurity Coordinator position at the White House is meant to boost the importance and urgency of cyber security at the national level. Earlier this year the White House embarked on a 60-day review of how the federal government should go about defending the nation against cyber threats (Defense Daily, June 1). One of the results of the review is that the government will partner with the private sector on cyber security solutions rather than mandate what the private sector must do.
In the video clip Schmidt said that cyber “vulnerability is shared” and that “so is our responsibility” for security.
Most recently Schmidt was president and CEO of the Information Security Forum, an independent, non-profit international group based in London that promotes standards and best practices for information security. His resume includes stints as the chief information security officer at the online auction company eBay [EBAY] and at Microsoft [MSFT] and has the chief of his own security consulting firm. He served under former President Bush as a special adviser for cyberspace security, directed the Air Force Computer Forensic Lab, and also served at the FBI where he headed the Computer Exploitation Team within the National Drug Intelligence Center.
Schmidt has both an industry and private sector orientation coupled with previous experience in the White House, Larry Clinton, president and CEO of the Internet Security Alliance, told Defense Daily.
“Howard Schmidt knows the [cyber] space from so many different perspectives,” Larry Clinton, president and CEO of the Internet Security Alliance, told Defense Daily. “He should hit the ground running.”
Phil Reitinger, deputy under secretary of the National Protection and Programs Directorate and director of the National Cybersecurity Center at the Department of Homeland Security (DHS) said in a statement that “Howard has demonstrated the ability to work across government regardless of party, and across industry, for many years…It is hard to find someone in the cybersecurity community with whom Howard has not worked.”
Bucci said that Schmidt’s technical and bureaucratic background will make him a “good staff person” for working the interagency process.
Some early concern has been raised that Schmidt’s selection shows that the administration placed more emphasis on business interests in selecting him.
Clinton dismissed this notion.
“The fact of the matter is, the private sector is on the front lines of national cyber defense,” Clinton said. It is critical the cyber coordinator have an appreciation of the economics of cyber defense, he added.
In the federal government the Defense Department has the lead for protecting the military’s computer networks and DHS is in charge of protecting federal civilian networks. How Schmidt ends up working across the federal government remains to be seen.
Schmidt’s appointment doesn’t require Senate confirmation. Nonetheless, Sen. Joe Lieberman (I/D-Conn.), chairman of the Senate Homeland Security and Governmental Affairs Committee, said he will introduce legislation next year that calls for the cyber coordinator to be Senate confirmed.
Lieberman also said he hopes the appointment “leads to a renewed sense of urgency across the government to address this challenge” of cyber security. “We need to develop without further delay a national strategy for safeguarding critical cyber networks and a comprehensive plan that lays out the responsibilities of each federal agency and the private sector.”
However, the committee’s ranking member, Sen. Susan Collins (R-Maine) continues to oppose creation of this position.
“I am disappointed by the Administration’s decision to add yet another czar at the White House-in this case, in an attempt to address the critical challenges our nation faces in securing cyberspace,” Collins said in a statement. “This cyber ‘coordinator’ is another czar-a position created in a way that bypasses the Senate’s constitutional advice-and- consent role and shields it from effective oversight.”