White House appoints cybersecurity chief
New cybersecurity chief Howard Schmidt
(Credit: The White House)The White House's new cybersecurity chief faces a tough agenda, but will be able to draw on the lessons of a 40-year career, including stints at Microsoft and eBay.
Former security adviser Howard Schmidt is returning to the White House as President Obama's new cybersecurity coordinator, the White House announced Tuesday.
In his new role, Schmidt will report to the National Security Council. Schmidt will also "have regular access to the president," said an official who spoke to The New York Times.
Earlier this year, President Obama initiated a review of the government's cybersecurity policies in an effort to streamline operations. Turf wars among various agencies and a perceived weakness in the Department of Homeland Security had raised red flags, prompting the president to declare that the country was not adequately prepared on the cybersecurity front.
Following that review, the White House identified a need for a new cybersecurity chief, then plunged into a tricky, months-long process that now brings Schmidt back to public service.
President Barack Obama greets his new White House cybersecurity chief Howard A. Schmidt in the Cross Hall of the White House.
(Credit: Official White House Photo by Lawrence Jackson)In a recorded speech introducing himself, Schmidt said he sees information technology as offering great opportunities but also great dangers to national security, public safety, economic competitiveness, and personal privacy. As dependence on technology increases, he said, the need to protect our security and privacy also increases.
As such, Schmidt said that the president has directed him to focus on several key areas:
• developing a new and comprehensive strategy to secure U.S. networks to ensure an organized response to future cyber incidents;
• beefing up both public and private partnerships in the U.S. and abroad;
• promoting research and development of next-generation technologies;
• and leading a national campaign to promote cybersecurity, awareness, and education.
Acknowledging that Washington can't solve cybersecurity problems on its own, Schmidt said his agenda is to bring together the government, the private sector, and other stakeholders as part of a new and comprehensive cyberstrategy to strengthen online defenses.
Following Schmidt's appointment, a variety of security analysts offered their thoughts.
In a Tuesday blog post, Randy Abrams of security vendor ESET said that Schmidt is very smart and personable, possessing a depth of knowledge and experience that makes him one of the best possible candidates for the job. But Abrams cautioned people not to expect miracles or fast changes as Schmidt will face huge obstacles trying to coordinate security across different government agencies, most of which have people who think their way is the only way to do things.
Phillip Dunkelberger, president and CEO of security vendor PGP, where Schmidt serves on the board of directors, said: "Howard's familiarity with public sector, private sector, large vendors and small innovative companies should be a great asset to this unique position; one that will just expand as our nation's dependency on cyber communications continues to grow." He also stressed that Schmidt will need to jump in quickly and form a solid working relationship with the Department of Defense and with the federal government's chief information officer, Vivek Kundra, and chief technology officer, Aneesh Chopra.
Schmidt brings to his new post a lengthy resume of government service, with a particular niche in computer crimes and forensics. Early in his career, he worked for the FBI's National Drug Intelligence Center, where he ran the Computer Exploitation Team. He also was a special agent and program director for the Air Force, where he set up one of the government's first dedicated computer forensic labs.
His new post will be Schmidt's second stint at the White House. In December 2001, just after the 9/11 attacks, he was appointed vice chairman for President Bush's Critical Infrastructure Protection Board and deputy to former White House cybersecurity czar Richard Clarke. Schmidt left his post in February 2003 to return to the private sector. During his tenure with the Bush administration, he helped create a new cybersecurity plan, which at the time was criticized as being too watered down, a charge that Schmidt disputed.
In the private sector, Schmidt served as chief security officer for Microsoft from 1997 to 2001 before joining the White House. After leaving his government post, he joined eBay in 2003 as vice president for security.
More recently, Schmidt was the president and CEO of the Information Security Forum, an international nonprofit organization that focuses on risks and research in the cyberworld.
Updated December 23, 4:00 a.m. PST with comments from security analysts.
Lance Whitney wears a few different technology hats--journalist, Web developer, and software trainer. He's a contributing editor for Microsoft TechNet Magazine and writes for other computer publications and Web sites. You can follow Lance on Twitter at @lancewhit. Lance is a member of the CNET Blog Network, and he is not an employee of CNET. 
Chalk up yet another unelected, unverified-by-elected-officials czar for BHO's presidency. So how far past the Russians' historical total are we now?
Or, do you really think it is a good idea to have congress write all policy for everything?
The founding fathers made provisions so congress doesn't have the impossible task to regulate and set policy for everything.
Most people know this, unfortunately teabaggers need to take a civics class.
Perhaps you should also look up what they do(hint: they set policy based on law, they do not create law).
I agree the term is annoying, but that is no reason to go off and give the typical teabagger response.
Why am I wasting my time?
Teabaggers are proud of their ignorance and would never try to educate themselves.
Could you please hire one in that position who has all of the Microsoft and Unix certifications please?
Not sure about the guy in this article but something tells me he is not certified and perhaps does not even have a A+. Any url where I can find more into about him?
2. Why would anyone care about an entry-level support technician cert? Schmidt isn't going to be fixing computers, he'll be helping to make policy.
Yes, we'd all like to see someone with the technical chops to know what he's doing, but making unrealistic demands about certifications is honestly pretty dumb. The guy was CSO for Microsoft, among other things... he's well beyond the realm of having to get certifications to buff up his resume.
Certifications are a waste of time and money.
They don't even imply knowledge. I know people with CISSP or SCJP who don't know some basics of networks and java respectively.
There is a lot more to cybersecurity than MS. The MS track record in cypersecurity is poor at best. Without the technical skills of a seasoned IT person he will be limping along at best and relying on a technically skilled staff the he cannot qualify or certify himself. This is a blind appointment...
When looking for a department head, I would rather have someone in that role who has the ability to delegate the responsibilities of the 'technical stuff' to those who are skilled in the specialized areas that require them. As well, the head must be able to organize and manage all of the sub departments and be aware of the 'big picture' from what all of the sub department managers report back to him.
Whereas, typically someone with specialized technical skills tends to want to control and micro-manage too much on their own because they tend to feel that they can always do a better job than those who are assigned to the respective tasks. This does not make a good overall leader.
It sounds like Mr. Schmidt has what it takes to be a good department head based on his past experiences as written in the article. From my perspective (and obviously the President's), he seems to be a perfect candidate for the job.
Schmidt began his government service in the United States Air Force in 1967, where he studied chemical weapons, high explosives, and nuclear weapons while attending munitions school.
Between 1968 and 1974, completed three tours of duty in Southeast Asia during the Vietnam War. He left active military duty in 1974 when started his civil service career at the Gila Bend Air Force Auxiliary Field, since renamed as the Barry M. Goldwater Air Force Range and served as chief of transportation and deputy director of resource management until 1982.
Served in the Arizona Air National Guard with the 161st Communications Squadron based at Phoenix International Airport, from 1989 until 1998.
In 1998, transferred to the U.S. Army Reserves as a special agent, Criminal Investigation Division.
Served with the 315th MP Det (CID) at Ft. Lawton in WA.
Testified as an expert witness in federal and military courts in the areas of computer crime, computer forensics and Internet crime.
First president of the Information Technology Information Sharing and Analysis Center.
Former executive board member of the International Organization of Computer Evidence.
Served as co-chairman of the Federal Computer Investigations Committee.
Served as a board member for the CyberCrime Advisory Board of the National White Collar Crime Center. Distinguished special lecturer at the University of New Haven, teaching a graduate certificate course in forensic computing.
Taught courses for the FBI and DEA on the use of computers and law enforcement investigations.
Served as an augmented member to the President's Committee of Advisors on Science and Technology in the formation of an Institute for Information Infrastructure Protection.
President of the Information Security Forum.
President and CEO of R & H Security Consulting LLC, which he founded in May 2005.
International president of the Information Systems Security Association (ISSA).
Board member of the following:
-Finnish security company Codenomicon
-Fortify Software
-International Information Systems Security Certification Consortium, commonly known as (ISC)²
In October 2008 he was named one of the 50 most influential people in business IT by readers and editors of Baseline Magazine.
Serves on the Executive Committee of the Information Technology Sector Coordination Council.
Memberships include the following:
-High Technology Crime Investigation Association,
-American Academy of Forensic Sciences,
-International Association of Chiefs of Police
Testified before congressional committees on computer security and cyber crime.
Co-author of "The Black Book on Corporate Security" and author of "Patrolling CyberSpace, Lessons Learned from a Lifetime in Data Security"
Appointed to the Information Security Privacy Advisory Board to advise NIST and the Secretary of Commerce and the Director of the OMB on information security and privacy issues pertaining to federal government information systems.
Certifications include CISSP and CISM.
Professor of practice at the Georgia Institute of Technology's GTISC.
Professor of research at Idaho State University.
Adjunct distinguished fellow with Carnegie Mellon's CyLab
Distinguished fellow with the Ponemon Institute.
Served as a cyber-adviser in President George W. Bush's White House
Served as chief security strategist for the US CERT Partners Program for the National Cyber Security Division through Carnegie Mellon University, in support of the Department of Homeland Security.
Was a vice president and CISO and chief security strategist for eBay.
After the 9/11 attacks, he was appointed by President Bush as the vice chair of the President?s Critical Infrastructure Protection Board and as the special adviser for cyberspace security for the White House in December 2001.
While at the White House, he assisted in the creation of the US National Strategy to Secure CyberSpace. He assumed the role as the chair in January 2003 until his retirement in May 2003.
In 1997, joined Microsoft, as the director of information security, CISO and CSO.
Co-founder of the Trustworthy Computing Security Strategies Group.
In 1994, supervisory special agent and director of the Air Force Office of Special Investigations (AFOSI) Computer Forensic Lab and Computer Crime and Information Warfare Division.
In 1996, he established the first dedicated computer forensic lab in the government, which was the basis for the formation of the Defense Computer Forensic Laboratory (DCFL).
Prior to the AFOSI, was with the FBI at the National Drug Intelligence Center, where he headed the Computer Exploitation Team.
City police officer from 1983 to 1994 for the Chandler Police Department in Arizona. Served on the SWAT team and the Organized Crime and Drug Enforcement Unit, and formed and led the Special Enforcement Team.
- by StevensRE January 5, 2010 7:47 AM PST
- These issues which include discussion on how to secure U.S. networks to ensure an organized response to future cyber incidents will be identified in an upcoming cybersecurity policy conference held in D.C. on January 19th-20th. Check out www.stevens.edu/cyberpolicy/ for more information.
- Like this Reply to this comment
-
(14 Comments)