After months of waiting, the Obama Administration has named Howard Schmidt as the White House Cybersecurity Coordinator. While Schmidt getting the job is great news, there are still some questions regarding the position that the appointment has not answered. One such question goes toward the level of actual authority that the job comes with.
W. Hord Tipton, executive director for (ISC)2 and a long time colleague of Schmidt’s, said that he and ISC(2) fully support Schmidt as well as the Obama Administration’s decision to appoint him to his new job.
“(ISC)2 has worked together with Howard on many important global and national information security workforce initiatives throughout the years and have always valued his insight and counsel. We look forward to working with Howard in his new role as he undertakes the critical task of developing the government and national information security workforce program,” Tipton said.
Tipton wasn’t the only one who was excited. “With forty years of experience in government, industry, law enforcement, and international involvement, Howard brings the right credentials, background, and enthusiasm to the White House,” said Lt. Gen. Harry Raduege, USAF (Ret), now chairman of the Deloitte Center for Cyber Innovation.
Howard Schmidt is the former President and CEO of Information Security Forum, a non-profit focused on cyber risk research. In addition he has played the role of Chief Security Officer for both Microsoft and eBay.
“I’m honored to have been selected by President Obama and look forward to returning to public service, working with both his National Security and Economic Councils,” Schmidt said in a statement.
“In our digital world, the information technologies we depend upon everyday, present us with both great opportunity and great danger…Our lives have enriched in countless ways by technologies that are now part of the very fabric of our day to day lives. Our dependence on these wonderful technologies, continue to increase with each new innovation, as does our shared responsibility to protect our security and our privacy.”
Schmidt said he has been tasked to take on several things from the start, including the developing of a new comprehensive strategy to secure American networks, ensuring an organized unified response to future cyber incidents, working to strengthen parternrships here at home and abroad, promoting research and development, and a national campaign for education on cybersecurity initiatives.
The problem is no one knows if the White House Cybersecurity Coordinator actually has the authority to implement the needed changes to security policy.
For example, once the strategy to secure American networks is developed, thanks to work from the Department of Defense, Homeland Security, and maybe even the private sector, can it be enforced? Who would oversee the enforcement? If this strategy isn’t followed by both the federal and private sectors, does it become an issue for national security?
There is no clear answer to this hypothetical. The White House hasn’t said what Schmidt’s reach is with regard to authority. Perhaps this is information that will come later.
However, over the last ten months, there has been a good deal of issues filling the Cybersecurity Coordinator role. Those offered the job or discussed for the job have turned down the offering, mostly because no one wanted what many in the media and some professional circles called a token security job. Why have the responsibility and stress with no way to actually move forward with any improvements or ideas, or if you get that far, enforce punishment for any infractions or abuse? Who would want to be a scapegoat for political ambition?
Given that this isn’t Howard’s first time at the rodeo, then maybe this isn’t a token position after all. He had to have been well aware of the popular opinion of it, and it’s hard to imagine his eyes were closed when he agreed to take it.
As mentioned, Schmidt has more than forty years of experience in the industry, working in both the federal and private sectors. That’s a lot of insight, which can help a good deal of people in the federal government work out a large number of security issues. With luck, this experience can pass over to the private sector.
At the same time, if there is to be no real authority in his new job, then Schmidt’s talents and knowledge will be severely wasted.