Somehow it feels that the White House it clearing off its desk before the end of the year. What else would explain Tuesday’s announcement that Howard Schmidt would be the Obama administration’s cybersecurity coordinator — just shy of seven months after the creation of the post was originally announced.
The announcement is curious because Schmidt was one of the first names that was tossed around — and in so many ways, he seems to have the skills necessary for this still-being-defined post.
Now, think about it. He was doing cybersecurity in Microsoft when it wasn’t cool. So, for him to be able to do that — that experience there within a company as big as that company is and the focus that they had, which was at that point pretty consumer-oriented, [but] has now switched to a very comprehensive type of cybersecurity strategy going forward with solutions for consumers, as well as other folks — that’s due to Howard’s insight and education. That experience will really help when he’s talking with private industry people and what their part is in this.
The difference between the two relates to the areas where the frustration has been felt in the past. The so-called cyber czars — many of them, including Howard — have expressed the idea that they had all of the responsibility but they didn’t have the authority. I think the difference here is the emphasis on coordination, which is a recognition that that there are many pockets, both within the government and within the private sector, of excellence — of people doing really good things in the cybersecurity area. Those don’t need to be shaken up. At the same time, they do need to be coordinated and . . . having this position be the Executive Office of the President is, I think, a significant difference from where the so-called cyber czar positions have been in the past.
Ranking minority member of the Homeland Security Committee, Senator Susan Collins from Maine, was even more blunt, releasing a statement outlining her “disappointment at the Administration’s decision to add yet another czar at the White House.” Collins wants Schmidt’s new job elevated to one that would be subject to Senate confirmation.
“I would advise him to visit those centers and know what they are doing and have a good operational understanding of what’s out there,” she says. “He should know how the partnership is growing between the different departments and agencies.”
Of all the people they were looking at, only two had on the ground experience, and this is a field you can’t do without on the ground experience. This is a job you can’t do without on the ground experience because you get lied to by people, and if you don’t have the experience of having actually managed security, you just can’t do the job.
Needless to say, there was a whole lot of coverage of Schmidt’s appointment, so if you’re looking for everything, Google News can do that. I’m just pulling some of the more interesting stories that have some above-and-beyond insights to highlight here.
Cybersecurity lawyers, researchers and policymakers are also in short supply. The Pentagon, for instance, lacks a career path to develop “expert decision-making in the cyber field,” said Robert D. Gourley, a former Defense Intelligence Agency chief technology officer. “The great cyber-generals are few and far between.”
Underlying all of these goals is the challenge of improving the recruitment and retention of a top-notch federal cyber workforce. In July, the nonprofit Partnership for Public Service released a report that found that the federal government faces major human resource challenges, such as difficulty in recruiting and retaining high-skilled workers, poor management and a lack of coordination that leaves some agencies competing against one another for talent. Such problems are particularly acute within the federal cybersecurity workforce, the Partnership found.
* Finally, A Cyber Czar [Forbes.com, 12.22.2009] The new U.S. cybersecurity coordinator, Howard Schmidt, is an impressive leader in government and industry. He’s also Obama’s fourth choice at best
At least three other candidates had been privately offered the position and turned it down, as Forbes reported in July (see: “Obama’s Unwilling Cyber Czars“). Cybersecurity industry watchers told Forbes at the time that was because the position had been stripped of much of its power in an effort to ensure that new cyber regulations didn’t hamper economic recovery.
In a campaign speech at Indiana’s Purdue University in July of 2008, Obama promised to “declare our cyber-infrastructure a strategic asset, and appoint a national cyber advisor who will report directly to me.” In the year that followed, cybersecurity has only grown as a public issue following a steady drumbeat of foreign hacking incidents that have allowed cyberspies to steal military information and breach the power grid.
But Schmidt will hardly report directly to Obama. Instead, according to a report that resulted from a 60-day government cybersecurity review ending in May, the cyber coordinator position will be “dual-hatted,” reporting to both the National Security Council and the National Economic Council under Obama’s economic advisor Larry Summers.