Schmidt named Obama cybersecurity czar
Months long wait finally over
Schmidt is a former White House security advisor to George W. Bush with extensive career spells at eBay and Microsoft. He certainly has the diplomatic skills and technical knowledge to fulfill the role, but his selection comes after months of dithering and inaction on an appointment, raising questions of its own.
Schmidt at a recent London information security conference
Obama declared cyber security a priority and ordered a broad review ten months ago. Melissa Hathaway, who recommended the creation of a cybersecurity czar after running the two month review for the Obama administration, resigned as an Obama advisor back in August after losing her earlier interest in becoming White House cybersecurity chief.
Delays in naming a cybersecurity coordinator, together with speculation that other candidates - including Microsoft's Scott Charney and Congressman Tom Davis - had turned down the job, increased the feeling that the role would come with responsibility but no power. For one thing, the cybersecurity chief will be obliged to report to both the National Security Council and the National Economic Council.
Schmidt faces a huge swathe of problems, including formulating an updated strategy for defending critical national infrastructure (utilities, transport, banking etc.) from hacking attacks, as well as a plan for raising consumer awareness about risks such as scareware and phishing. He will have to negotiate a political minefield to get anything done, not least because several agencies (including the Pentagon and Department of Homeland Security) are vying for alpha male status in defining federal cybersecurity strategy.
A White House statement on Schmidt's appointment can be found here. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Trusted Platform Module
- Zero trust