Almost seven months after the White House cybersecurity review recommended creating a position to oversee the nation’s Internet defense, the President has finally picked Howard Schmidt, a former Microsoft executive and consultant to the FBI, to fill the post. While some analysts hail this as the first step towards getting serious about cybersecurity, others believe the position won’t have the power to implement important change.
However, everyone seems to agree on Schmidt’s qualifications to do the job. Schmidt has experience with both the private sector, having worked as chief security officer for Microsoft and as cybersecurity chief for eBay, and within government, having advised the FBI and worked on former President G. W. Bush’s cybersecurity team.
The position itself has been contentious. As originally conceived in June, the cybersecurity chief would report to Larry Summers, head of the National Economic Council. In its current incarnation, Schmidt will still work with the National Economic Council, but report directly to the National Security Council.
Yet, Schmidt won’t have much ability to influence defense policy, as the job of overseeing military cybersecurity will fall to Lieutenant General Keith Alexander, pendin his promotion to four-star General. That leaves Schmidt to deal primarily with the civilian and law enforcement areas, where the overlapping cyber-jurisdictions of various government agencies has been described as “drawn as clear as mud,” by O. Sami Saydjari, chairman of the Professionals for Cyber Defense.
Other analysts echoed Saydjari’s concern, noting that Schimdt’s inability to control budgets or policy could leave him impotent in Washington’s bureaucratic turf wars over funding. To that end, James Lewis, a senior fellow at the Center for Strategic and International Studies, told the Associated Press that Schmidt would be less a cyber czar than a “cyber peasant.”
But some thing Schmidt will have the ability to cause positive change, primarily through coordinating the government’s many regulatory Agencies’ approach to cybersecurity. According to Martin Libicki, the author of Conquest in Cyberspace and a senior policy analyst at the Rand Corporation, noted that Schmidt could lead the way to safer banks and corporations by influencing the policy of the FDIC or Federal Trade Commission via his links to the National Economic Council.
For now, every is waiting to see if Schmidt can navigate the many competing civilian, military, and commercial interests jockeying to mold the Internet to their liking.
Said Libicki, “He has all the right kind of experience. The rest remains to be seen.”