New cybersecurity coordinator says he has the president’s ear

In his first public comments since becoming the nation’s first cybersecurity coordinator, Howard Schmidt said yesterday he has President Barack Obama's ear and his support.

“The president has been clear in designating me his lead officer” for government cybersecurity, Schmidt said at the annual State of the Net conference, hosted in Washington by the Advisory Committee to the Congressional Internet Caucus. Last year, as the position sat vacant for months before Obama appointed Schmidt, skeptics questioned whether the eventual choice would really have influence in the Oval Office.

Schmidt’s title is special assistant to the president and senior director for cybersecurity, but he reports to the head of the National Security Council and also sits on the National Economic Council. Some observers fear that this dual role would dilute Schmidt's influence, but he said the diversity works in his favor.

“There is a direct linkage to the national security staff as well as the National Economic Council” that will help balance the needs of security as well as the economy, he said.

Schmidt said his job is to help manage risk, not to eliminate it completely.

“There are no absolutes,” he said. “We will never have 100 percent security and still have an open society.”

Schmidt said he is encouraged that federal Chief Technology Officer Aneesh Chopra and federal Chief Information Officer Vivek Kundra see his security position as an enabler to information technology innovation rather than as a roadblock.

Schmidt stepped into his new role one week ago, eight months after Obama announced the creation of the position. With little time in the new office, Schmidt outlined his priorities for the job but offered few specifics about how he plans to achieve them. He said his primary objectives are to:

• Update the strategy to secure the government’s networks.
• Develop an organized and unified incident response capability that would include the private sector as well as government.
• Develop a more complete partnership with the private sector and with other nations.
• Increase investments in cybersecurity research and develop.
• Create a public awareness campaign for cybersecurity.

Other areas that have his attention are supply chain management, to help ensure that hardware and software acquired by government is secure when it comes from the vendor; identity management; and managing the risks of cloud computing.

“I’m a big proponent of moving things to the cloud, but doing it right,” he said. This will require having the proper legal, policy and technical controls in place to ensure that information moved online remains secure. Schmidt said he will be working with Kundra in this area and that it also will require private sector cooperation to make sure that the proper standards and practices are in place.

Although Schmidt’s authority extends only to government systems, he emphasized that partnership and cooperation with the private sector will be necessary to achieve his goals.

“The federal government is the reality I have to deal with,” he said. However, the private sector, which owns and operates the majority of the nation’s critical infrastructure and provides the bulk of the government’s hardware and software, must be at the table, he said.