Computerworld - Starting today, Howard Schmidt, former chief security officer at Microsoft Corp. and onetime field sergeant for the Chandler Police Department in Arizona, takes on an entirely new set of responsibilities. Schmidt has turned in his Microsoft credentials to begin a new job in the White House as the vice chairman of the president's new Critical Infrastructure Protection Board under Richard Clarke.
Schmidt discussed his new position and objectives in an e-mail interview with Computerworld's Dan Verton last week.
What was it that attracted you to this job? One of the areas that I strongly support is private/ public partnerships working together to solve many of the challenges facing us in the [critical infrastructure protection] space.
I was very impressed with the dedication and passion that Dick Clarke and John Tritak [director of the Critical Infrastructure Assurance Office at the U.S. Department of Commerce] brought to the table in building trust with the private sector.
A few days after Sept. 11, I got a call from their office inviting me to join the team as the vice chair of the [Critical Infrastructure Protection Board]. With the tragic loss of thousands of innocent people, I felt duty-bound to return to public service to help any way I could.
Exactly what do you envision your role to be? Dick and I have talked about this, and looking at our respective backgrounds, I will most likely focus on law enforcement, public safety, [Defense Department] issues and the public/private-sector partnership outreach. Dick will focus on national security and government systems.
Howard Schmidt, vice chairman
of the president's Critical
Infrastructure Protection Board
This does not mean that we have hard lines drawn as to what we will handle, but it means that we will do what has to be done to provide for a stronger, more robust, resilient critical infrastructure.
Microsoft has drawn a lot of criticism about the security of some of its products. As you leave for Washington, what do you see as Microsoft's strengths and weaknesses in this area? One of the difficult things I have had to deal with has been the ever-changing threat picture. The continuous cat-and-mouse game of attack, fix, attack, fix has been difficult to deal with.
I have said many times that security issues are industry issues and that solutions go beyond technology and involve people, processes and policies.
I do not know that anyone can predict what the next generation of threats will bring, but focusing on hardening software out of the box and implementing fundamental changes based on lessons learned will go a long way to reducing the attack surface.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
