About Schmidt: We finally have a cybersecurity coordinator. Now what?

The appointment of Howard Schmidt as the White House cybersecurity coordinator was greeted almost unanimously — both in government and in the private sector — with a sigh of relief. President Barack Obama announced creation of the position nearly seven months ago and a lot of people have been waiting with bated breath to see it filled.

Now begins the daunting task of coordinating the nation’s cyber defenses and policies across military and civilian, government and private sector infrastructures.

“It think it will be the toughest job Howard has ever had,” said Roger Thornton, chief technology officer of Fortify Software, where Schmidt sits on the board of directors.

But the advances being made in technology and in network security practices at a handful of agencies also offer great opportunities if the right person can make full use of them. 

I have not yet heard anything negative about the president’s choice of Schmidt to fill the job. But concerns about the job itself have been swirling for months. The coordinator will not report directly to the president and there have been tales of White House in-fighting about just to whom he would report. It appears to have come down to deputy national security advisor John Brennan and economic adviser Lawrence Summers.

The idea that the coordinator would be serving two masters is worrisome, and a number of qualified candidates reportedly had declined the honor of a White House post. This has led to widespread speculation that the coordinator’s position is seen by security professionals as a losing proposition. It will be a difficult job under the best of conditions, and we do not yet know what the conditions he will be working under. Will he have the budget, the staff, the authority to accomplish anything? More importantly, will he have the attention and support of the president?

I am inclined toward optimism in this issue. First of all, although I would have liked for the decision on a coordinator to have been made sooner, I do not see the delay in the appointment as a big problem. Political realities do not allow every issue facing the president to be dealt with immediately, regardless of their long-term importance. With two wars to fight, a busted economy to fix and health care reform legislation that — rightly or wrongly — has been defined as a test of the president’s ability to govern, the cybersecurity coordinator was not at the top of the president’s list of priorities. What is import is not when he got to it, but that he got around to it at all.

Secondly, this is a new position and the man who first holds it will have the opportunity to define much of it. It is hard to believe Schmidt would have taken the job if he didn’t feel he could be successful in it. He already has a successful career behind him, with enough public service on his record that he does not have to polish his resume with a new position. I believe he is taking this job with a full understanding of the challenges, both in IT security and in White House politics, and that he has firm plans for establishing an office and making a difference.

“The first thing he’s going to be doing is writing Chapter One of this organization,” Thornton said.

How that chapter comes out will determine much of what follows. Schmidt might not succeed. Establishing and overseeing a coherent policy over something as broad and diverse as national cybersecurity might not even be possible. But if it is possible, I think he has a good shot at it.

Good luck.