Intellectual Property Law

Obama Appoints Former Microsoft Security Chief New Cybersecurity Czar

By Kim Zetter

It took seven months but President Obama has finally found someone to take the cybersecurity czar job no one wanted.

Howard Schmidt,  a former Microsoft security executive and a one-time cybersecurity adviser to President George W. Bush, has been appointed to the position of cybersecurity coordinator, according to a White House announcement Tuesday.

Schmidt served as vice chair, and then chair, of the President’s Critical Infrastructure Protection Board and as Special Adviser for Cyberspace Security for the White House from December 2001 until May 2003, when he reportedly left the position out of frustration that the government wasn’t making cybersecurity a priority. After leaving the White House, he became chief information security officer at eBay.

In his new position, he will be responsible for coordinating the federal government’s cybersecurity initiatives to secure government networks and critical U.S. infrastructures. This will include working with the Office of Management and Budget to ensure that agencies have money allocated for cybersecurity priorities, and coordinating the government?s response to a major cyber incident or attack.

According to the Associated Press, Obama was directly involved in the selection of Schmidt, who was chosen after an extensive search.

But the announcement of Schmidt came with little fanfare on Tuesday and followed months of reports from other candidates that they either turned down the job or otherwise discouraged the White House from courting them.

Obama announced last May that he was creating a new office to be led by a cybersecurity czar. For nearly a year, however, he could find no one to take the job, because of what many viewed as its undesirable placement in the federal hierarchy.

The czar, Obama stated, would report to the National Security Council and the National Economic Council, putting the position one rung lower in the executive branch hierarchy than many security experts had wanted. Observers had hoped the czar would report directly to the president, which would have helped insulate the office from agency turf battles and ensure quick access to top decision makers.

The White House was quick to dispel concerns on Tuesday that Schmidt’s office would be exiled from the West Wing. An unidentified White House official told the Associated Press that Schmidt would have regular and direct access to the President for cybersecurity issues.

Schmidt, Microsoft’s chief security officer until 2001, is the second former Microsoft executive to take a top federal cybersecurity position. Department of Homeland Security Secretary Janet Napolitano appointed Philip Reitinger in March to the position of deputy undersecretary of the department?s National Protections Program Directorate.

Reitinger was Microsoft’s chief trustworthy-infrastructure strategist, a job that required him in part to help develop and implement strategies for enhancing the security of critical infrastructures. In his new position, he oversees the protection of the government?s computer networks and works with the private sector to help secure critical infrastructures.

There have been concerns about how the White House intends to address cybersecurity issues, particularly in the private sector, and protect civil liberties at the same time.

Obama asserted in his speech in May that the new White House cybersecurity office would include an official whose job is to ensure that the government?s cyberpolicies don?t violate the privacy and civil liberties of Americans.

?Our pursuit of cybersecurity will not include ? I repeat, will not include ? monitoring private-sector networks or internet traffic,? he said. ?We will preserve and protect the personal privacy and civil liberties that we cherish as Americans.?

Photo by Lawrence Jackson, courtesy of White House

See also:

• DHX Appoints Microsoft Exec to Secure Government Computers

Full post as published by Threat Level on December 22, 2009 (boomark / email).