In December, President Barack Obama announced the appointment of Howard Schmidt to the position of cybersecurity coordinator, which has sat vacant since its creation in May 2009. Schmidt, a veteran of industry and previous administrations, will be responsible for coordinating the national effort to better secure U.S. cyber infrastructure.
The U.S. is consistently under attack in cyberspace, from web assaults against federal systems to private citizens and companies being victimized. While some of these attacks are a byproduct of criminal activity, some stem from deliberate efforts by foreign governments, looking to steal U.S. intellectual property and information of intelligence value. The risks and challenges the U.S. faces in protecting cyberspace are complex and will prove difficult to surmount.
As the lead coordinator for U.S. cyber defense, Schmidt will be responsible for ensuring the nation continues to stay abreast the current and future threat environments. Some of his key tasks include creating a new national cyber strategy, strengthening partnerships, R&D, forming an organized response to attacks and educating the nation about cybersecurity.
The task is daunting and will take a strong measure of resolve from Schmidt to combat the challenges before him. Below are some of the most important challenges that Schmidt will face in 2010.
The U.S. is the most networked nation in the world. We depend on our IT networks for banking, communication, heating and even warfare. Our national infrastructure spans the public and private sectors and one of Schmidt's major challenges will be developing and coordinating a national strategy to protect those interests.
Individual agencies and departments have been moving forward in the absence of a cyber coordinator. “Schmidt's biggest challenge will be building coordination among the cyber initiatives already under way,“ according to James Lewis of the Center for Security and International Studies, who led the CSIS Commission for Cybersecurity for the 44th Presidency. Schmidt will need to look to bring these efforts together into a coherent and usable policy that advances cybersecurity across the disparate initiatives within government and the private sector.
Schmidt will need to bring together the powerful voices along with people who have traditionally been on the fringes of the cyber issue. Mischel Kwon, vice president of public sector security solutions at RSA, The Security Division of EMC, and former director of USCERT, said: “One of his biggest challenges is getting everyone to the table. We've had a history of not having everyone at the table.“
Along with bringing everyone into the debate, Schmidt is tasked with forming an organized response to any future cyber incidents. Given that different stake holders have different concerns in the cyber arena, it will take all of Schmidt's considerable experience and expertise to gain consensus on the appropriate response to cyber attacks.
One of Schmidt's earliest tasks will be to define his level of authority among the disparate entities involved in securing the national cyber infrastructure. During the seven month search for the cybersecurity coordinator, it was rumored that a number of prospective appointees turned the position down due to the positions perceived lack of authority. Schmidt will have “regular access“ to the president, but fundamentally has little established authority, especially among the other government “heavyweights.“