Doubts persist following appointment of US Cyber-Czar
CT Review's Jonathan Rush reports that doubts are surfacing regarding the perceived mismatch between the wide responsibilities and real authority of the new US cybersecurity coordinator. Meanwhile, the UK is on course with its own cyber security strategy
In May 2009 President Obama declared digital networks a strategic national asset and protecting them would be a national security priority. Obama said he would personally select a cyber-czar. Seven months later on 22 December he named Howard Schmidt, a former Bush White House official, as the White House's cybersecurity coordinator. Schmidt, who will report to deputy national security adviser, John O. Brennan, will coordinate cybersecurity across the US federal government spectrum, from the military to civilian agencies.
In the White House announcement, Brennan stated: "Howard will have regular access to the president and serve as a key member of his National Security Staff. He will also work closely with his economic team to ensure that our cybersecurity efforts keep the nation secure and prosperous."
Schmidt joins from the Information Security Forum, a US non-profit consortium of corporations and public-sector organizations working to resolve cybercrime and cybersecurity issues, where he was its president. Schmidt was formerly chief security officer at Microsoft before becoming vice president and chief information security officer at eBay. He headed the computer exploitation team at the FBI's National Drug Intelligence Center in the 1990s and served in the US Air Force from 1967 to 1983.
Industry sources say doubts are surfacing regarding the mismatch between Schmidt's real authority and his announced wide responsibilities. Schmidt served as the Bush administration's special adviser for cyberspace security from 2001 to 2003 and was responsible for the National Strategy to Secure Cyberspace plan. Schmidt reportedly resigned after the plan was largely ignored.
Welcoming Schmidt's appointment, Neil Fisher, Unisys' VP Global Security Solutions, said: "At a time when our vulnerability to online crime and computer hacking attacks is at its height, this appointment will have positive reverberations around the world. Howard Schmidt brings with him important lessons learnt during the dot com boom (and subsequent bust), which have been largely forgotten by other cyber ambassadors, to our detriment.
"While this appointment will beckon Schmidt back to the US, the UK will benefit from a more joined up, coordinated cybersecurity strategy, in recognition of the borderless nature of the cyber threat levelled at our governments, industries and public."
Meanwhile the UK government's Cyber Security Strategy, published in June 2009, set out plans to establish two new organisations, both of which it stated would be established in September 2009 and operational by the end of March 2010.
The first organisation is an Office of Cyber Security (OCS) to provide strategic leadership for and coherence across Government. The OCS will establish and oversee a cross-government programme to address priority areas in pursuit of the UK's strategic cyber security objectives.
And the second was a Cyber Security Operations Centre (CSOC) that will bring together existing functions to actively monitor the health of cyber space and co-ordinate incident response; enable better understanding of attacks against UK networks and users; and provide better advice and information about the risks to business and the public.
A UK government cabinet office spokesman confirmed the two organisations were on course to be operational by the end of March 2010. The Director of the Office of Cyber Security has been announced as Neil Thompson, whose responsibilities are believed to be primarily those of coordination between the three British intelligence agencies (GCHQ Cheltenham, MI5 and MI6) and the cabinet office.
Jonathan Rush is the editor of CT Review and its sister online publication, ContingencyToday.com. He can be contacted on jrush@contingencytoday.com and +44(0)7798 812253
