Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Government Security Politics

Cyber-Security Czar To Be Named 139

The Washington Post and everybody else is reporting that on Tuesday President Obama will name Howard A. Schmidt as cyber-security czar. Schmidt was an advisor to President Bush on cyber-security matters. The Post rehearses the reasons why the Obama administration has had difficulty in finding someone for the post, and notes that the turf battles did not start in this administration: "Schmidt was chosen after a long process in which dozens of people were sounded out. Many declined the post, largely out of concern that the job conferred much responsibility with little true authority, some of them said. Meanwhile, the cybersecurity chief at the National Security Council, Christopher Painter, has served as the de facto coordinator, trying to push ahead the 60-day cyberspace policy review plan unveiled by Obama in May. That plan's formulation was led by Melissa Hathaway, who resigned in frustration in August after delays in naming a cyber-coordinator. She had been a contender for the position... Schmidt served as special adviser for cyberspace security from 2001 to 2003 and shepherded the National Strategy to Secure Cyberspace, a plan that then was largely ignored. He left that job also frustrated, colleagues said."
This discussion has been archived. No new comments can be posted.

Cyber-Security Czar To Be Named

Comments Filter:
  • by Jawn98685 ( 687784 ) on Tuesday December 22, 2009 @09:27AM (#30522858)
    You are going to need it. "...much responsibility and little true authority..." is a recipe for failure and scapegoating. As it is so often in business, so it is even more so in government, the PHB's (those with the real authority) don't grasp the issues and will make bad decisions, forcing you to deal with the consequences.
    Get it in writing. There words and yours. Let there be as public a record as possible as to what recommendations were ignored.
    • by BCW2 ( 168187 )
      Typical Government job. All the responsibility and no authority to do anything.
      • Typical entry level government job.

        The aim is to hack your way to the top, where you have all the authority and no responsibility.

        • by BCW2 ( 168187 )
          This whole administration is nothing but theoreticians who have never actually done anything in the real world. Why would anyone expect good solutions to anything?
    • Since there's no authority, he cannot force anyone to do anything.

      Since he is the "Czar", he CAN make recommendations.

      Any department that doesn't follow his recommendations is on their own when they get cracked.

      Any department that DOES follow his recommendations has an easy out when they get cracked. They blame him.

      Meanwhile, he's busy setting up all of his family and friends with high paying, low responsibility jobs with the companies trying to get him to "recommend" their products/services.

    • "...much responsibility and little true authority..." is a recipe for failure and scapegoating.

      It's always bad for the executive monkey.

      http://en.wikipedia.org/wiki/Ulcers_in_Executive_Monkeys [wikipedia.org]

  • Here comes XKCD (Score:4, Insightful)

    by readthemall ( 1531267 ) on Tuesday December 22, 2009 @09:28AM (#30522864)
    Secretary: 1 [xkcd.com] through Secretary: 5 [xkcd.com]
  • What's next (Score:3, Insightful)

    by Alarindris ( 1253418 ) on Tuesday December 22, 2009 @09:28AM (#30522866)
    the Fuhrer of Healthcare?
    • Re: (Score:3, Funny)

      by ddxexex ( 1664191 )
      "Freedom Fuhrer" has a cooler ring to it...
    • the emir of enigmas

      the nawab of nosiness

      the sahib of silliness

      the khan of the kafkaesque

      you can have fun with this all day

    • Re: (Score:3, Informative)

      by earlymon ( 1116185 )

      What's next, the Fuhrer of Healthcare?

      Right on.

      The Prez called him a cyber-security coordinator - it was the dumb-ass reporter for TFA that introduced the word czar, once again.

    • Re: (Score:3, Informative)

      by Manchot ( 847225 )
      In all seriousness, "czar" is just an informal term that the media began using to describe these types of positions. Unfortunately, people who aren't very well-informed see the word and think that they represent some sort of communist plot to seize power. They really don't have any authority, and are ultimately just specialized advisors to the president.
      • Re: (Score:2, Insightful)

        by Uniquitous ( 1037394 )
        True, but those people see communist plots hiding in every shadow. It's like a Rorschach test. They see what they want to see. The sad part is that they don't know the first thing about any of the -isms that they claim to despise; they just get good & mad whenever their talking heads tell them to.
  • Given the sensitive nature of the job, they should go unnamed.

  • Hathaway (Score:1, Interesting)

    by el_tedward ( 1612093 )

    Wow, I didn't realize Hathaway had resigned.. but I guess that's why she didn't get the job, eh? I don't think this is the last resignation we'll see in the cyber security area.

    Hathaway seemed like she was really the best pick for the job, especially considering the 60 day cyberspace policy review thing she did. Not that I read through the entire thing, but she made some pretty interesting suggestions. For instance, she talked about how cyber security is not something that can just be centrally managed on a

  • No takers? (Score:3, Funny)

    by MrMr ( 219533 ) on Tuesday December 22, 2009 @09:55AM (#30523046)
    Not a single democrat willing to take the job...
    The party has just crawled up one notch in my esteem.
  • I can understand why some of the potential candidates declined the offer. Trying to improve internet security from the level of a politician will be like trying to carry water in a spaghetti strainer. There are only two ways to really fix internet security: wait for technology to improve through private industry, or pull the plug. I really hope no attempt is made to use government funds to back a particular contractor. Traditional government funding provides little incentive for rapid improvement (your prod
    • There are only two ways to really fix internet security: wait for technology to improve through private industry, or pull the plug.

      One other way. The government can mandate standards that all products must meet in order to be considered for purchase by the government.

      Think TCP/IP.

      Then, keep extending the spec as new advances are made. But keep it focused on different vendors supplying different segments ... and all working together because they all follow the same spec.

      • That works fine until someone comes along with an "enhanced", "superior" model with "better" security, who gets the job because it's "better". Notably better at securing landing the next contract due to proprietary "secure" standards that won't be compatible with anything else.

  • by kaaona ( 252061 )

    Captain Dunsel comes to mind...

  • None of these diverse organizations in the Federal Government will cede authority to an appointed bureaucrat. His office may come up with standards but adoption will face tremendous hurdles of anything that he comes up with. There's too much entropy in Washington IT and it's governed by consultants and contractors all with their own agendas. Couple that with a full time workforce that is largely unaffected by any thought of losing their jobs over something like IT Security and you have a lose/lose situa

  • Scapegoat (Score:3, Interesting)

    by 2gravey ( 959785 ) on Tuesday December 22, 2009 @10:22AM (#30523280)
    Funny, they had to give the job back to the last guy who had it because no one else would take it. I wouldn't take it either, because that guy is going to get strung up by the angry mob when the inevitable Chinese cyber-strike occurs.
  • by Anonymous Coward

    I've met Howard Schmidt several times at security events, and I think he's best suited for writing articles for the trade mags and speaking on the lecture circuit than he is for real information security work. Hre just strikes me as nothing more than a charlatan.

    It's hard to meet the guy and come away liking him too, his ego fills the room, and since he's an "honorary" professor at several colleges with security initiatives, he inists on everyone calling him "professor schmidt." Reminds me of the maestro fr

  • by Anonymous Coward
    The first non-socialist, non-tax-cheat appointed by the administration!
  • by lseltzer ( 311306 ) on Tuesday December 22, 2009 @10:40AM (#30523462)

    Don't let Obama off easy on the "turf wars" thing. He specifically promised multiple times in the campaign to hire a security czar who would report directly to him and have real authority.

    For months nobody would accept this position because it was set to report both to the National Security Council and National Economic Council and have no budgetary authority. Now it seems that he will report only to the National Security Council, but this still breaks Obama's promise, although this is hardly the only time he tossed aside a campaign promise.

  • by MikeRT ( 947531 ) on Tuesday December 22, 2009 @10:46AM (#30523524)

    Each federal department behaves differently. Agencies like the various DoD support and intelligence agencies, not to mention the CIA which is its own separate agency unto itself from any department, are not going to let the yahoos from Homeland Security or Justice tell them what to do or even be in on the conversation about how they organize and communicate, especially with regard to classified information.

    A cyber-security czar who cannot command the CIA and DoD agencies is quite literally one with no practical authority since those groups are the majority of what matters with real, important IT security in the federal government.

  • Schmidt wasn't just "a former Bush administration official," he was the first cybersecurity czar, appointed shortly after 9/11 and contributed to the National Strategy to Secure Cyberspace [dhs.gov]. I suppose they didn't get it right the first time, but things will be different now.

  • Of course we need a Cyber-Security Car. With so many cars getting electronic enhancements, even becoming WiFi hot spots, it is obvious that we need more security for them. However, they should all have security, not only one car. Unless one Cyber-Security Car offers so much protection that a single one in an area is able to protect a nearby herd of cars. I hope the manufacturers quickly add security, so the government won't try to control the kinds of security in cars.
  • I've known Howard for more than a decade. He started out as a local cop who had a hobby working with computers. He was a pioneer in forensic analysis of computer evidence, and was instrumental in establishing the Air Force's information security capability which was arguably the biggest influence on the evolution of today's DoD capability. He started out doing hands on low level hardware and software analysis. He was a hacker in the true sense of the word. I visited his home, and there were always multiple

  • To be the welfare car of the Republic?

    I'd rather buy a Ford.

"Conversion, fastidious Goddess, loves blood better than brick, and feasts most subtly on the human will." -- Virginia Woolf, "Mrs. Dalloway"