Howard Schmidt was named as the White House’s cybersecurity coordinator on Dec. 22, a job that was reportedly difficult to fill as the U.S. strengthens its computer security defense.
The appointment marks a return to government for Schmidt, who left his job as vice chairman of former President George W. Bush’s Critical Infrastructure Protection Board in April 2003, saying he was retiring from government service to join the private sector.
“As President Obama has said, this cyber threat represents one of the most serious economic and national security challenges we face as a nation,” Schmidt said in a video statement on the White House’s Web site.
Schmidt will be responsible for creating a U.S network security strategy that encompasses protocols for ensuring a unified response to cybersecurity incidents. He also will be in charge of strengthening partnerships between government and business, the research and development of next-generation technology and a national campaign for cybersecurity awareness.
Schmidt has a depth of experience in cybersecurity, most recently working in the U.K. for the Information Security Forum, a nonprofit that focuses on researching and evaluating cybersecurity risks. His private industry experience includes a stint as chief information security officer for auction giant eBay Inc. and chief security officer for Microsoft Corp., where he worked on the company’s Trustworthy Computing initiative, a massive revamp of Microsoft’s security practices.
On the government side, Schmidt served in the U.S. Air Force in both active duty and civilian positions. He established the first dedicated computer forensic lab when he was a supervisory special agent and director of the Air Force’s Office of Special Investigations (AFOSI) Computer Forensic Lab and Computer Crime and Information Warfare Division. Before that position, he headed the Computer Exploitation Team with the FBI at the National Drug Intelligence Center.
President Barack Obama announced the cybersecurity coordinator position in May, but as months dragged on it became apparent that candidates were concerned over what sort of power the role would have. Possible candidates included Scott Charney, a Microsoft vice president for its Trustworthy Computing program.
Schmidt’s experience across the public and private sectors — and technical acumen — will serve him well, said Alan Paller, director of research at the SANS Institute. “He was the only one being considered who knew what it was like to secure a system. That set him apart from everybody,” Paller said.
But that doesn’t mean the job will be easy, as Schmidt will have to propel a delicate and very broad agenda across many government agencies in order to deliver better computer security.
“The main fight in any cybersecurity initiative is between the people who want to put some more resources into protection against the people who want to get on with the job of business and not be delayed in any way,” Paller said. “People who work with IT companies come to Washington with mandates to stop government from doing anything that will cost them money.”
Schmidt will have to avoid getting bogged down in endless meetings and speeches about cybersecurity. “There really aren’t that many hours in a day,” Paller said.
Schmidt’s office will be in the old executive office building next to the White House, a location that puts him in a better location for influence, Paller said. Schmidt will report to John Brennan, assistant to the president for homeland security and counterterrorism.
Pulling together the cybersecurity efforts across the U.S. government will be challenging, said Roger Thornton, CTO and founder of security vendor Fortify Software. “I think it will be a very tough job. He’s going to have to herd some cats,” Thornton said.
Grant Gross in Washington contributed to this report