Obama鈥檚 smart pick for cyber czar: Howard Schmidt
After far too long, President Obama finally appointed a 鈥渃yberczar鈥 on Tuesday. Howard Schmidt has the credentials to coordinate the government鈥檚 defense against digital sabotage. Will he also have the authority?
Appropriately, his experience is as deep as the cyberthreat is wide. Mr. Schmidt has been involved with cybersecurity in government (the George W. Bush administration), in the private sector (at eBay and Microsoft), in law enforcement (at the FBI), and internationally (heading up a nonprofit dedicated to this problem). He has both technical and policy know-how.
He also served in the military, which this month confirmed that Iraqi insurgents learned to intercept video feeds from unmanned drones. (The signals have since been secured.)
Schmidt鈥檚 job is immense 鈥 to orchestrate the military and civilian branches of the federal government as they try to ward off cyberattacks from hackers, terrorists, governments, criminals, and others. That translates, for instance, into preventing the disabling of electric, transportation, financial, and other critical networks.
Cyberattacks on public and private digital systems in the US are increasing. In 2006, the Pentagon counted 6 million attempted intrusions on its computers; last year, it was 360 million. US businesses have also lost billions of dollars in intellectual property to hackers.
In November, the Government Accountability Office found a 200 percent increase in reports of cybersecurity 鈥渋ncidents鈥 at federal agencies between 2006 and 2008. The GAO warned of 鈥渟ignificant weaknesses鈥 and 鈥減ervasive vulnerabilities鈥 at the agencies.
While Americans may picture Afghanistan when they think of war, cyberattacks on the US occur daily. On Tuesday, the Wall Street Journal reported that the FBI is investigating a hacking into Citigroup Inc. that resulted in the theft of tens of millions of dollars 鈥 supposedly by Russian criminals. (Citigroup disputed the story, and said no one had lost any money.) Earlier this year the media reported foreign infiltration of the electric grid, penetration of Air Force air-traffic control, and the theft of top-secret information on a fighter jet.
Back in May, when President Obama announced he would create an office of cybersecurity in the White House and appoint a cyberczar, he promised to make protecting digital networks a 鈥渘ational security priority.鈥 But he has had a hard time filling this czar job. Reportedly dozens of candidates were approached, but many bowed out because of concern of too much responsibility without real authority.
Schmidt enters his job as key agencies move forward with big plans to improve cybersecurity.
The Pentagon鈥檚 has a new Cyber Command meant to manage its offensive capabilities (disruption of enemy systems) and defensive ones. The State Department, in a reversal from the previous administration, is talking with Russia and the United Nations about 鈥渃yber arms control鈥 and international strengthening of Internet security. The US Department of Homeland Security has just opened a cyberwatch-and-warning center for the nation鈥檚 technology infrastructure. Meanwhile, more than a dozen bills related to cybersecurity have been introduced in Congress.
Schmidt will have to make sure these various efforts work together 鈥 and work, period. But as if that weren鈥檛 enough, he鈥檒l need to put his imprint on a new national strategy for cybersecurity.
As this challenge balloons, the government may have to take a more hands-on approach 鈥 for instance, setting cyber- safety standards for the technology sector just as it eventually did for the auto industry.
All of this is a tall order, not doable unless the new cyberchief is perceived as acting on behalf of the commander in chief. The White House insists that Schmidt will have regular and direct access to the president from his office at the National Security Council. Mr. Obama will have to show that this is true, or else his cyberczar will be a czar in name only.
