CoC professor appointed new cybersecurity czar

One of the nation’s renowned computer security experts, Howard Schmidt rejoined the White House payroll as their cybersecurity coordinator, or “cyber czar.”

President Obama initially appointed Melissa Hathaway—a leading advisor in national cybersecurity and intelligence—acting senior director for cyberspace last Feb. to evaluate the importance of national cybersecurity. Hathaway resigned that August leaving an “initial down payment,” as she called it, for what a cybersecurity coordinator should attend to.

Given Schmidt’s record of service at the White House and top cybersecurity positions at companies like Microsoft and eBay, the Deputy National Security Advisor John Brennan, whom Schmidt will report to, has warmly welcomed him to the position of cybersecurity coordinator.

“I’m committed to bringing [the government, private sector and individual citizens] together around a new comprehensive cyber strategy that keeps America secure and prosperous,” Schmidt said in a video statement.

Schmidt’s top priorities are to develop a new network security strategy, lead a national campaign to promote cybersecurity education and research, ensure an organized response to cyber incidents and strengthen public, private and international partnerships.

This task prioritization is the goal of President Obama’s recent string of policy coordinator appointments, popularly dubbed “czars.”

Schmidt has served with a host of organizations, government agencies and companies, and he clocks in over thirty years of continuous information technology (IT) security service. From 2006 to 2009, though, Schmidt was worked with Tech’s College of Computing (CoC) as an adjunct professor and professor of practice.

“[Schmidt] was more interested in and has more expertise in the policy side [which includes] how to evaluate benefits, what roles government and industry play and what solutions we can come up with is the policy side,” said Mustaque Ahamad, Director of Tech’s Information Security Center (GTISC).

Ahamad coordinated Schmidt’s interactions with Tech, which included delivering lectures to graduate classes and conducting research with faculty on a regular basis.

He and Schmidt both worked on a project for the Japanese Ministry of Internal Affairs and Communications.

“[The ministry] was interested in the policies and practices that U.S. government agencies and companies have developed and followed,” Ahamad said, “Schmidt helped them figure out who to talk to and what kind of info they needed to address.”

Research projects like this are usually funded by the contractor, in this case the ministry, and completed at Tech by faculty or students.

Schmidt also helped Ahamad set up the GTISC’s Industry Advisory Board—composed of various industry professionals and advisors from companies like Intel and Bank of America—that gives them advice on academic research. GTISC also hosts the Information Security Summit, open to all faculty, students and non-GT guests; Schmidt delivered a keynote speech to one of them regarding online identity management challenges.

“We do joint projects that are funded by industry, like AT&T and IBM, so we find a common problem or interest with them, and develop a research project,” Ahamad said, “There are a number of places where we do this kind of research, and they are of course more worried about real-world problems, so the advisory board in some sense helps us go after real-world problems.”

The board helps define what the problems are and what problems companies face, and the companies provide resources and funding to work on the research projects or to help address those research problems. Funding is typically used as salaries for graduate students, and sometimes undergraduates, during these research projects.

Ahamad’s own research concerns information security, identity management and authentication, like how to make servers and storage services trustworthy and resilient to failures and attacks. Aside from research, he teaches at an undergraduate and graduate level.

“I taught Introduction to Information Security, now taught by former CoC Dean Demillo that really introduces cybersecurity threats and defenses we have from a technical and policy standpoint,” Ahamad said.

“You learn a broad overview of cybersecurity threats, how to counter threats, software security, database security, network security and cryptography. It’s a great class that’s not just for computer science people, but knowing how to program, like from taking CS1371, and understanding a discrete math would help you understand more easily,” Ahmed said.

Ahamad teaches Secure Computer Systems, a graduate-level CoC class and is a proponent of both graduate and undergraduate research.