When the White House tapped industry veteran Howard Schmidt as President Obama's cybersecurity coordinator in December, some were skeptical that he was the right choice. He had already fought the same battle in the last administration, and the cybersecurity czars who followed didn't last long.
Some also fretted that Schmidt's thinking was too old-school. Forrester Research senior analyst Andrew Jaquith, for example, declared that Schmidt needed to "clue up" in terms of his current thinking. Pointing to concerns Schmidt raised in a 2010 predictions article late last year, Jaquith said, "He said 'we're concerned about social networking.' Well, sure, we've known that for awhile. 'We're concerned about smart phone malware.' Good for him for expressing an opinion about something that's been expressed before. To me, though, there just wasn't much by way of real forward-looking predictions. I think he's fighting many of the last wars in 2010, and I'm hoping we can get a little more vision out of Mr. Schmidt."
In this interview with CSOonline, Schmidt addressed those concerns and explained how this time, things are different.
For starters, he said, the position he finds himself in is far different from the last stint. The position is brand new and the chain of command a lot shorter than what previous so-called cyber czars had to contend with. And President Obama himself is far more tech and cybersecurity savvy than previous presidents. The fact that he gave a major address on that one topic last May is proof of that, he said. It was in that address that Obama announced the creation of a cybersecurity coordinator who would operate from the West Wing.
"From my perspective, and you know I've been in this business a long time, it was unprecedented to hear the President, in the speech he gave last May, not only using terms like botnet, worms, viruses and Trojans but also understanding what they are and what the effects are," Schmidt said.
Since starting the job, Schmidt has found that Obama likes constant updates and asks a lot of questions. He asks for constant updates on where the public and private sectors stand, what are the economic impacts of what the agencies are doing and, perhaps most importantly, what does Schmidt's office need for additional resources?
Asked how often he meets with Obama, Schmidt said there's no set schedule. They talk on an as-needed basis. Meanwhile, he's working closely with people from across the White House staff on a daily basis, including people from the Office of Management and Budget (OMB) and National Security Advisor James L. Jones Jr.
"What's refreshing to me is not just his breadth of understanding, but his intense focus on IT vulnerabilities and how they impact critical infrastructure," Schmidt said, noting that Obama frequently tells him to speak up when he needs more resources. "He says, 'Let me know when you need me to intercede,'" Schmidt said.
Schmidt said that feedback was instrumental in the decision to declassify part of the administration's Comprehensive National Cybersecurity Initiative (CNCI) and outline 12 key initiatives, which Schmidt did during the RSA security conference earlier this month. The initiatives, available on the White House website, include:
The Trusted Internet Connections (TIC) initiative. Headed by the Office of Management and Budget and the Department of Homeland Security, this involves the consolidation of the Federal Government's external access points (including those to the Internet). This consolidation will result in a common security solution which includes: facilitating the reduction of external access points, establishing baseline security capabilities; and, validating agency adherence to those security capabilities. Agencies participate in the TIC initiative either as TIC Access Providers (a limited number of agencies that operate their own capabilities) or by contracting with commercial Managed Trusted IP Service (MTIPS) providers through the GSA-managed NETWORX contract vehicle.
IDS and IPS across federal agencies. DHS is deploying, as part of its EINSTEIN 2 activities, signature-based sensors capable of inspecting Internet traffic entering federal systems for unauthorized accesses and malicious content. The EINSTEIN 2 capability enables analysis of network flow information to identify potential malicious activity while conducting automatic full packet inspection of traffic entering or exiting U.S. government networks.
A government-wide cyber counterintelligence (CI) plan. The plan establishes and expands cyber CI education and awareness programs and workforce development to integrate CI into all cyber operations and analysis, increase employee awareness of the cyber CI threat, and increase counterintelligence collaboration across the government. The Cyber CI Plan is aligned with the National Counterintelligence Strategy of the United States of America (2007) and supports the other programmatic elements of the CNCI.
Increase the security of classified networks. Successful penetration or disruption of these networks could cause exceptionally grave damage to our national security, the report said.
Schmidt also reiterated the need for public-private partnerships. Most of the work that needs to be done to secure cyberspace is in the private sector, but private enterprise and government agencies have not been on the same page in the past. That's starting to change, but he said it's going to take time for all the starts to align.
"Nobody should expect a complete turnaround overnight," he said. "This is a long, hard struggle, and everyone who uses the Internet has a role to play."
Schmidt's comments specifically on cyber warfare will follow next week.