Howard Schmidt to lead U.S. CERT

EBay's CSO takes a government advisory role amid the DHS shakeup

Howard Schmidt, chief security officer at eBay Inc. and a former White House cybersecurity adviser, has been named chairman of the U.S. Computer Emergency Readiness Team, a public/private security monitoring organization based at Carnegie Mellon University in Pittsburgh.

The official announcement, expected next week, comes almost a year after officials from the Department of Homeland Security approached Schmidt for help with the U.S. CERT. Senior members of the DHS approached him last December during the inaugural National Cyber Security Summit and asked for his assistance in working with the private sector. Other senior DHS and private-sector officials, who at the time spoke on condition of anonymity, said Schmidt was approached amid concerns that the agency wasn't getting good advice on cybersecurity and critical-infrastructure protection from outside "industry experts."

At the time, however, Schmidt told Computerworld that he was concerned about overextending himself. In addition to his role as CSO at eBay, Schmidt was then considering a run for Congress, had co-founded the Global CSO Council and was serving as co-chairman of the awareness and education committee of the Cyber Security Task Force, which was formed at last year's National Cyber Security Summit.

He isn't expected to leave his post at eBay.

Schmidt, a former co-chairman with Richard Clarke of the President's Critical Infrastructure Protection Board, brings a wealth of knowledge and experience to the U.S. CERT. But he returns to a quasi-governmental role in the midst of a significant personnel shakeup at the DHS National Cyber Security Division (NCSD).

Howard Schmidt, chief security officer at eBay Inc.
Howard Schmidt, chief security officer at eBay Inc.
The DHS announced earlier this week that Andy Purdy, the NCSD's deputy director, will become interim director, following the abrupt departure last week of Amit Yoran. Yoran resigned amid widespread speculation that he had become frustrated with the political hand-wringing at the DHS and the lack of clout that came with the post of NCSD director (see story).

Experts contacted by Computerworld agreed that Schmidt's return to a government advisory role at the U.S. CERT doesn't solve the ongoing organizational problem at the DHS that pushed the last three cybersecurity chiefs -- Yoran, Clarke and Schmidt -- back into the private sector.

"The position [of director of the NCSD] was never strong enough and influential enough to get things done," said a DHS official who worked with Yoran. "When Clarke and Schmidt were at the White House, they could enforce needed changes. Yoran, and now Purdy, have to sell their changes and programs through layers of bureaucracy before they even reach somebody who has the authority to make things happen."

Schmidt, however, enjoys a close relationship with Robert Liscouski, the DHS assistant secretary for infrastructure protection and the official the director of the NCSD reports to. Liscouski is widely believed to have been the official responsible for luring Schmidt back into advising the government. He is also the official that some outside experts criticized last week for hampering the work of Yoran.

Liscouski couldn't be reached for comment.

Editor's note: Dan Verton is currently working on a security and forensics textbook with Schmidt that will be used at the university level.

Copyright © 2004 IDG Communications, Inc.

Shop Tech Products at Amazon