Modernizing Authentication — What It Takes to Transform Secure Access
Date: 12/14/2017 @ 1 p.m. ET
WASHINGTON--Barely one month into the job, Howard Schmidt is getting an idea of just how big a task he has ahead of him.
Schmidt, whom President Obama tapped late last year to serve as the administration's senior director for cybersecurity, today laid out an ambitious agenda for revamping the government's approach to shoring up the country's digital infrastructure.
For the seven months that the position remained unfilled, observers opined about the difficulty the individual selected would encounter in trying to bring together the various federal agencies, Congress and the military to develop a coherent cybersecurity strategy.
"The president's been very, very clear in designating me as his lead policy official in cyberspace security in the federal government," Schmidt said in a speech here at the State of the Net conference, an annual tech policy event hosted by the Congressional Internet Caucus.
In large measure, Schmidt's address today mirrored the plan Obama laid out in May, when he released the results of a sweeping cybersecurity review he commissioned early in his tenure and announced his plans to create the cyber coordinator position.
Like Obama, Schmidt stressed that cybersecurity is as much a security priority as it is an economic one, particularly as digital networks increasingly become the backbone for global commerce. That belief is reflected in Schmidt's dual reporting structure, as he serves on both the National Economic Council and national security staff.
As Schmidt circulates around Washington taking in briefings and meeting with agency and legislative staffers, he is laying the groundwork for what is intended to be a coordinated defense and response plan. He said he hopes to ensure that plan "also includes making sure we translate the strategy from the high-level points in any strategy to how do we execute."
A part of that execution strategy will be a vigorous public education campaign to promote cybersecurity awareness.
Schmidt also said the administration is taking a particularly hard look at the supply chain in an effort to firm up U.S. systems, describing the complex global network through which electronic components-which could come pre-loaded with vulnerabilities-enter the country as a "spider web."
But at the same time, he is pragmatic enough to acknowledge that words like "perfect" or complete" don't apply to cybersecurity.
"We will never have 100 percent absolute security and still have an open society," Schmidt said. "There's no way you can look at absolutes in this space."
In addition to coordinating among government institutions, Schmidt is also trying to widen the bridge between the public and private sectors. That includes devising new methods for sharing threat information and pooling resources, as well as outreach programs to ensure that businesses of all sizes are taking security seriously without breaking their budgets just to shore up their systems.
Schmidt also spoke of the administration's commitment to protect digital infrastructure without compromising citizens' privacy.
"Privacy and security are two sides of the same coin," he said. "Without security we have no privacy."