Video: Schmidt Hopeful on Bill's PassageCybersecurity Coordinator: It's Not an All or Nothing Package
White House Cybersecurity Coordinator Howard Schmidt, in an exclusive interview, expresses optimism that Congress could enact significant cybersecurity legislation this year even if President Obama doesn't get all that he wants in an IT security bill.
See Also: A Toolkit for CISOs
"While we might not agree on everything, let's agree on the things that we agree on and move that forward," Schmidt says in a one-on-one interview with Information Security Media Group at RSA Conference 2012, the IT security conference held in San Francisco.
Legislation before the Senate, which has Democratic and Republican sponsorship and the White House backs, would have industry primarily be responsible for developing security standards to protect the nation's critical information infrastructure, but have the government make sure systems owners comply with those standards. Leading Republicans in the Senate, however, contend that could lead to stringent regulation, a point Schmidt rejects [see Partisan Showdown over Cybersecurity Bill].
If a company operating critical IT infrastructure bucks industry-devised standards, the government has a role to assure the system will be secure; it's not a matter of the government telling industry what to do, Schmidt says.
"That's sort of the impetus of this thing and that's the part we really have to reconcile," Schmidt says. "This is not asking people to do what they shouldn't already be doing; [it's] just a core business process."
Schmidt's remarks came a day before the March 1 introduction by Senate Republicans of an alternative cybersecurity bill that is less stringent on IT security standards for the private owners of the nation's critical IT infrastructure.
In the interview, Schmidt also:
- Discusses the importance of codifying best security practices implemented by the Obama administration in a new cybersecurity law.
- Addresses progress in the Trusted Internet Connection and Einstein 3 intrusion protection initiatives.
- Explains why the administration wants to address cybersecurity as a single enterprise rather than through 26 major and 100-plus smaller departments and agencies.
Obama named Schmidt as special assistant to the president in late 2009; he started his job as cybersecurity coordinator in January 2010.