Somehow it feels that the White House it clearing off its desk before the end of the year. What else would explain Tuesday’s announcement that Howard Schmidt would be the Obama administration’s cybersecurity coordinator — just shy of seven months after the creation of the post was originally announced.
The announcement is curious because Schmidt was one of the first names that was tossed around — and in so many ways, he seems to have the skills necessary for this still-being-defined post.
But this strikes me as an important — and complex — job. So, as we often do around these kinds of big events, I like to pull together resources, analysis and opinions around key topics. (Previous DorobekInsider readers: Obama cyber-security policy review, the Defense Department’s National Security Personnel System pay-for-performance reports and Veterans Day.)
Right at the top, I should note that the DorobekInsider reader: Obama cyber-security policy review has links to the administration’s policy review and much more.
From the White House itself:
* WhiteHouse blog: Introducing the New Cybersecurity Coordinator, which includes a short video with Howard Schmidt.
Federal News Radio 1500 AM and FederalNewsRadio.com coverage
Federal News Radio 1500 AM has has team coverage of the announcement.
* On Federal News Radio 1500 AM’s Daily Debrief with Chris Dorobek and Amy Morris… we spoke with Karen Evans, former administrator of e-government and information technology at the Office of Management and Budget, and Randy Sabett, a partner at Sonnenschein Nath & Rosenthal, where he is a member of the Internet, Communications & Data Protection Practice. Sabett served on the Commission on Cybersecurity for the 44th Presidency, which had recommended the creation of the cyber-coordinator post.
Now, think about it. He was doing cybersecurity in Microsoft when it wasn’t cool. So, for him to be able to do that — that experience there within a company as big as that company is and the focus that they had, which was at that point pretty consumer-oriented, [but] has now switched to a very comprehensive type of cybersecurity strategy going forward with solutions for consumers, as well as other folks — that’s due to Howard’s insight and education. That experience will really help when he’s talking with private industry people and what their part is in this.
The difference between the two relates to the areas where the frustration has been felt in the past. The so-called cyber czars — many of them, including Howard — have expressed the idea that they had all of the responsibility but they didn’t have the authority. I think the difference here is the emphasis on coordination, which is a recognition that that there are many pockets, both within the government and within the private sector, of excellence — of people doing really good things in the cybersecurity area. Those don’t need to be shaken up. At the same time, they do need to be coordinated and . . . having this position be the Executive Office of the President is, I think, a significant difference from where the so-called cyber czar positions have been in the past.
* Federal News Radio’s Jason Miller culled reaction from industry, while Federal News Radio’s Max Cacas got the reaction from Capitol Hill — Cacas notes that one of the more interesting comments came from Sen. Susan Collins (R-ME).
Ranking minority member of the Homeland Security Committee, Senator Susan Collins from Maine, was even more blunt, releasing a statement outlining her “disappointment at the Administration’s decision to add yet another czar at the White House.” Collins wants Schmidt’s new job elevated to one that would be subject to Senate confirmation.
* Federal News Radio’s Jason Miller is hearing Sameer Bhalotra, a staff member from the Senate Select Committee on Intelligence, is a leading candidate to be the deputy cyber coordinator. Miller also spoke to Melissa Hathaway, the former senior director for cyberspace for the National Security Council under President Obama and now president of Hathaway Global Strategies:
“I would advise him to visit those centers and know what they are doing and have a good operational understanding of what’s out there,” she says. “He should know how the partnership is growing between the different departments and agencies.”
Of all the people they were looking at, only two had on the ground experience, and this is a field you can’t do without on the ground experience. This is a job you can’t do without on the ground experience because you get lied to by people, and if you don’t have the experience of having actually managed security, you just can’t do the job.
And this morning on the Federal Drive with Tom Temin and Jane Norris, Jim Lewis, director and senior fellow of the Technology and Public Policy Program at the Center for Strategic and International Studies spoke about the appointment. Hear that interview here.
Needless to say, there was a whole lot of coverage of Schmidt’s appointment, so if you’re looking for everything, Google News can do that. I’m just pulling some of the more interesting stories that have some above-and-beyond insights to highlight here.
* As attacks increase, U.S. struggles to recruit computer security experts [WP, 12.22.2009]
My favorite quote was right at the end from Bob Gourley, the former CTO at the Defense Intelligence Agency.
Cybersecurity lawyers, researchers and policymakers are also in short supply. The Pentagon, for instance, lacks a career path to develop “expert decision-making in the cyber field,” said Robert D. Gourley, a former Defense Intelligence Agency chief technology officer. “The great cyber-generals are few and far between.”
* Workforce Hurdles for New Cyber Czar [NextGov’s WiredWorkplace blog, 12.22.2009]
Along the lines of Gourley’s comments:
Underlying all of these goals is the challenge of improving the recruitment and retention of a top-notch federal cyber workforce. In July, the nonprofit Partnership for Public Service released a report that found that the federal government faces major human resource challenges, such as difficulty in recruiting and retaining high-skilled workers, poor management and a lack of coordination that leaves some agencies competing against one another for talent. Such problems are particularly acute within the federal cybersecurity workforce, the Partnership found.
* Obama cyber czar pick looks to secure smartphones, social nets [ComputerWorld, 12.22.2009]
Calls on social media firms to alert users about various security threats
* Finally, A Cyber Czar [Forbes.com, 12.22.2009]
The new U.S. cybersecurity coordinator, Howard Schmidt, is an impressive leader in government and industry. He’s also Obama’s fourth choice at best
At least three other candidates had been privately offered the position and turned it down, as Forbes reported in July (see: “Obama’s Unwilling Cyber Czars“). Cybersecurity industry watchers told Forbes at the time that was because the position had been stripped of much of its power in an effort to ensure that new cyber regulations didn’t hamper economic recovery.
In a campaign speech at Indiana’s Purdue University in July of 2008, Obama promised to “declare our cyber-infrastructure a strategic asset, and appoint a national cyber advisor who will report directly to me.” In the year that followed, cybersecurity has only grown as a public issue following a steady drumbeat of foreign hacking incidents that have allowed cyberspies to steal military information and breach the power grid.
But Schmidt will hardly report directly to Obama. Instead, according to a report that resulted from a 60-day government cybersecurity review ending in May, the cyber coordinator position will be “dual-hatted,” reporting to both the National Security Council and the National Economic Council under Obama’s economic advisor Larry Summers.
How Dangerous is the Cyber Crime Threat? [PBS’s NewsHour, 12.22.2009]
Talking to Jim Lewis, director and senior fellow of the Technology and Public Policy Program at the Center for Strategic and International Studies
* National cybersecurity coordinator choice widely applauded [GCN.com, 12.22.2009]
* Obama’s New Cyber Security Chief, Howard A. Schmidt, Speaks in Gibberish, but Not the Highly Technical Kind [Seattle Weekly, 12.22.2009]