Howard Schmidt, the first official White House cybersecurity coordinator, announced Thursday he was stepping down.

During his tenure, Schmidt oversaw the first White House legislative proposal on cybersecurity and unveiled the first international strategy for cyberspace.

But despite increasing public attention toward cybersecurity and the government’s response, Schmidt kept a low-profile, preferring to “operationalize” behind the scenes.

Already, analysts and cyber experts are debating Schmidt’s legacy and what the future may hold for his successor.


But Alan Paller, the director of research at the SANS Institute is wary of the word, “legacy.”

“I think we think too hard about our legacies,” he told In Depth with Francis Rose. “What we get done while we’re there is what matters.”

Mixed grades

Even so, looking back, Paller said he would give Schmidt mixed grades for his tenure leading the cyber office.

Schmidt deserves an “A” for increasing awareness of cybersecurity, for identifying the problem, Paller said. “The level of understanding of cybersecurity has skyrocketed, and he can take some credit for that,” he added.

Similarly, Paller said he would give Schmidt a “B” for focusing the office on a few key areas: trusted Internet connections, identity management and continuous monitoring.

But Paller said Schmidt was much less successful in reducing the vulnerabilities of the federal governments’ networks — for which he deserves an “F.”

“You have to say on his watch, (vulnerabilities) didn’t go down,” despite it being a goal of the international strategy, he said.

Shortened leash

However, Greg Garcia, former assistant secretary for cybersecurity and communications at the Homeland Security Department, said given the circumstance, he thought Schmidt — with his background in law enforcement, the military and government — performed admirably.

“I don’t know that the White House committed 100 percent to the position, partly because it was new to them,” said Garcia, who now heads his own cyber consultancy.

Schmidt wasn’t short of passion or knowledge, Garcia said, “but the leash gets shortened to some extent, as so many other priorities are competing for attention.”

The cyber coordinator position under Schmidt was ultimately a “test case” for a more assertive White House role in cybersecurity, he added, and should be viewed as a solid effort. “Now…let’s ramp it up,” he said.

Using the budget process

One area Schmidt came up short in, Paller argued, was in not taking full advantage of his role. He “didn’t use the federal procurement capability and… he didn’t get OMB behind him to use budget to force agencies to buy together, to buy more secure systems,” Paller said. “He just didn’t take advantage of the most powerful lever he had.”

Schmidt’s successor is Michael Daniel, a 17-year veteran of the Office of Management and Budget’s National Security Division.

The fact that Daniel comes to the job with a wealth of OMB experience puts him in a unique position, Paller said, because many cyber solutions lie on the procurement path.

Garcia added: “He has those years at OMB — he understands the budget process, he understands the politics of the budget and the interagency process.”

This story is part of Federal News Radio’s daily Cybersecurity Update. For more cybersecurity news, click here.

RELATED STORIES:

White House cyber czar Howard Schmidt to retire

Exclusive: Schmidt says cyber progress being made quietly behind the scenes

US outlines global plan for cyberspace