Home > Uncategorized > Good luck, Howard

Good luck, Howard

The news is out—after all the waiting and anticipation, Howard Schmidt was named the U.S. Cybersecurity Coordinator today. His name is not exactly new within the world of information security. He has served in positions ranging from an investigator for the U.S. Air Force Office of Special Investigation (AFOSI), the chief security officer for Microsoft and eBay, cybersecurity advisor in the George W. Bush presidency, the president of the International Security Forum (ISF) and the Information Security Systems Association (ISSA), and board member of the International Information Systems Security Certification Consortium, Inc. (ISC2).

I’ve known Howard for the better part of 20 years now. Strangely, I had few dealings with him when he was a member of the AFOSI while I headed the Department of Energy’s response team, despite all the breakins into Air Force systems from compromised DOE systems during Operation Desert Storm and Desert Shield. But I got to know him better once he was at Microsoft. From what I have seen of him, he is more than capable of being extremely successful in his new role.

My concern is with the position that he has filled. Melissa Hathaway functionally served in this position before the Obama Administration came into being, and she continued in this role for approximately seven months after President Obama assumed the Presidency. Insiders say that although Hathaway is not really a cybersecurity-competent person, she fulfilled her role unusually well. Working with the U.S. government is not, after all, such an easy thing to do. Someone I know well worked for her, and during that time sang her praises as both an exceptional manager and someone who knew how to get things done within the extremely difficult confines of the U.S. government. But instead of waiting to be named the U.S. cybersecurity czar, Hathaway quit out of reported frustration over the inner workings of the U.S. government.

Before Hathaway, Amit Yoran, formerly of Symantec, was appointed the cybersecurity czar for the Department of Homeland Security. Yoran’s appointment did not work out at all; he was a Washington outsider who got picked to pieces by experienced and deadly government bureaucrats. He barely lasted one year before resigning. Schmidt’s tour of duty with the George W. Bush administration did not fare much better; reports indicate that he was in a position in which he had a great deal of responsibility without a commensurate amount of authority.

So what might be different about Schmidt’s second tour of duty in the U.S. government? I fear that the answer is nothing. Schmidt’s title is impressive, but the fact that he must report to a deputy national security advisor indicates the actual importance of his position. Howard is a skillful person; perhaps he can make his way around many of the obstacles that will inevitably surround him. But the fact that he is from an organizational viewpoint multiple levels down from the top will result in the same hurdles that a chief security officer faces when that person is two levels below the chief information officer. Furthermore, the scuttlebutt is out that the cybersecurity coordinator position within the Obama administration is not intended to be all that high a position. Schmidt may thus be badly overqualified for it.

So Howard—I wish you the best of luck. The cards are stacked against you, but then again, if anyone can succeed, you can and will!

Categories: Uncategorized Tags:
  1. No comments yet.
  1. No trackbacks yet.
You must be logged in to post a comment.