Last night, the White House officially confirmed that Howard Schmidt, the former cyber adviser in the Bush administration, would be appointed to the much anticipated position of cyber coordinator. Since then, the comments have been flowing in. Below is just a taste of how the cybersecurity community is reacting to the pick.
James Lewis, director of the technology and public policy program at the Center for Strategic and International Studies
I think it's a good move. The administration has started a lot of initiatives on cyber Defense Departmetn, Homeland Security Department, State Department -- and they need someone to make sure it all fits together. They also need to rewrite the National Cyber Strategy, and having someone to honcho that process and avoid recycling old ideas will be the big challenge.
Alan Balutis, director of the business solutions group at Cisco Systems and a former chief information officer at the Commerce Department
Howard is a good man and his name has been in the mix for a long time --
but his demands had been viewed as extreme and hence kept him out of the running. That said, he should do a good job and I think the appointment will be viewed positively around government and with the private sector.
Gregory Garcia, head of the information security consulting firm Garcia Strategies, and assistant secretary of cybersecurity and telecommunications at DHS during the Bush administration
Thumbs up for technical, political, and corporate experience; vision, energy and confidence in teamwork. If agency leads don't have a counter agenda, they'll step up and join Howard. There's no one better for the job.
Tom Talleur, forensic technologist and former federal criminal investigator
I'm glad to see Howard named as cyber security coordinator. The problem remains, however, that this entire issue has become a process for a problem that will never be solved. Howard does not have enough authority to address this challenge. The government could have stopped this problem 15 years ago but chose not to. Now, this issue has become a behemoth accountable to no country or person. The overall challenge for us in the 21st century remains: Unless and until we develop processes to manage the convergence of novel technologies with communicative properties soon we will face a digital wild west unimaginable by today's standards.
Alan Paller, director of research at the SANS Institute
Howard is going to surprise a lot of people in Washington. He had extraordinary successes as CISO at Microsoft [and] has demonstrated that he can forge sufficient support to overcome resistance and get things done. Also, he's already been burnt badly by overzealous [staffers] from the White House Council of Economic Advisors when they emasculated the original draft of the [2003] National Strategy to Secure Cyber Space, so I expect he wouldn't have taken the job without getting some assurance that [the council's current director] Larry Summers will not veto any initiatives that ask industry to ensure the security of the products and services they sell or the security of the power and communications networks.
Dale Meyerrose, vice president for cyber and information assurance at Harris Corp. and chief information officer for the Office of the Director of National Intelligence during the Bush administration
Howard Schmidt is eminently qualified to be the national cyber coordinator and an excellent choice by the administration. He will need to draw on well-earned credentials in this yet-to-be-defined coordinator position in the White House. I see three major tasks facing Mr Schmidt:
- Help sort out the roles and missions among the major cyber players, namely Defense, Homeland Security, and Justice
- *Focus leadership on a small number of the forty-plus recommendations in the [administration's cybersecurity report released in May]
- *Outline the issues that need to be addressed in the fiscal 2011 budget process.
COMMENTS
New cybersecurity coordinator Howard Schmidt is yet another Obama Administration Czar Wreck!
Schmidt is a "Distinguished Fellow" of Carnegie Mellon University's CyLab -- whose management is a catastrophe.
CyLab's problems include the cover-up of identity fraud, securities fraud, hedge fund fraud, and felony theft-by-deception!
If there were Congressional oversight, Schmidt would never have been a serious candidate for the critical job he now has.
www.PrintCafeSecuritiesFraud.com
Eliot Ness 01/10/10 08:27 am ET
Howard is a good man and has the knowledge and background to fill the position. He is howeever a bit
extreme in some of his views as to what ought to be
a stratagy standard.
I hope that is first moves will be in strengthining NIST
crypto standards, getting DHS up to at least a minimal
security standard with DNS, and get US-Cert to be far
more responsive as well as getting their own DNS up to
snuff as well. So far even with EINSTINE DHS is far behind the commercial industry practice standard. That's plainly not good enough.
Jeffrey A. Williams 12/23/09 05:31 pm ET
Having known Mr. Schmidt since his Microsoft days, and benefited from his participation in the Secure E-Biz Summit on Cyber Security, I can tell you first hand that the man has the intellect, passion and political know how to get things done. The real question is whether the administration will give him the authority to improve the IT Acquisition Process and get disparate agencies working towards a common goals, especially DoD and DNI.
We cannot afford to have each agency investing in solving the same problem, or hand over billions to contractors who have not delivered. We can no longer afford to continue stove pipe approaches or analysis/paralysis activities that undermine 8 out of 10 IT programs. During the IT-AAC's Defense IT Acquisition Summit last November, Secretary Lynn called out for major changes in the IT Acquisition process and Honorable Mike Wynne outline the IT-AAC first chapter on the importance of leadership. It appears that everyone understands the challenges facing the nations ability to be responsive to this immediate threat.
Obama, give Howard the authority needed to effect lasting transformation of the IT Acquisition process. If it takes 91 months to acquire a cyber solution or 20 months for our FFRDCs to understand the problem, we will have already lost and might as well surrender now.
As Einstein would say "we cannot solve todays problems with the same kind of thinking that got us here in the first place".
John Weiler 12/23/09 08:47 am ET