Obama set to name cyber coordinator
White House confirms appointment of former Bush administration official Howard Schmidt, assures "regular access to the president."
The White House officially will announce the appointment of Howard Schmidt, former cybersecurity chief under President Bush, as the federal government's cyber coordinator Tuesday, seven months after President Obama officially confirmed plans to create the position.
An administration official who spoke on condition of anonymity confirmed Monday night that "after an extensive search, the president chose Schmidt because of his unique background and skill sets."
"The president was personally involved in the selection of Schmidt, and Schmidt will have regular access to the president for cybersecurity issues," the official added.
The Washington Post first reported Monday evening that Schmidt likely would be named.
Schmidt served as special adviser for cyberspace security for the White House from December 2001 until his retirement in May 2003. He also held the position of vice chair of President Bush's Critical Infrastructure Protection Board. After his departure from government, Schmidt served as chief information officer at eBay, chief security officer at Microsoft, and most recently as president and CEO of the nonprofit Information Security Forum.
"Howard is going to surprise a lot of people in Washington," said Alan Paller, director of research at the SANS Institute, an information security training and education organization. "He has demonstrated that he can forge sufficient support to overcome resistance and get things done."
Schmidt's experience with Washington bureaucracy also will prove valuable, Paller added, pointing to what he termed the emasculation by overzealous economic advisers of the original draft of the U.S. National Strategy to Secure CyberSpace, a February 2003 document that Schmidt helped formulate.
"I expect he wouldn't have taken the job without getting some assurance that Larry Summers, [director of Obama's National Economic Council], will not veto initiatives that ask industry to ensure the security of the products and services they sell, or the security of the power and communications networks."
Indeed, since leaving government, Schmidt has pushed for the incorporation of security requirements into the software development and procurement process, as well as stronger information security controls for the computer systems and networks that support the nation's critical infrastructure.
He also has emphasized the need for federal chief information security officers to hold greater authority over how agencies protect computer systems and networks, with the power to implement necessary security measures.
"There should be an elevation of the position, providing CISOs more authority and more ability to enforce the policies rather just acting as recommending bodies," Schmidt said in a July 2008 interview with Government Executive. "This can't be a political issue -- it's a national security issue, a public safety issue, an economic viability issue. No matter how you look at this, information security has to apply across the entire government enterprise. If you can't manage it, you can't secure it."
During his presidential campaign, Obama announced plans to appoint a national cyber adviser who would report directly to him and oversee the security of federal networks. In May, he confirmed he would personally select a cyber coordinator. Delays in the appointment have led to a frustration in Congress and speculation by experts that the position wouldn't hold the influence necessary to effect widespread change.