Yucca Mountain’s death just a few steps away - Steve Marcus / FILE

The Obama administration promised Monday it would withdraw the application to open a nuclear waste repository at Yucca Mountain.

By Paul Reynolds, World affairs correspondent BBC News website

The decision by the Obama administration to drop plans to base an anti-ballistic missile defence system in Poland and the Czech Republic is a huge shift in American foreign and defence policy.

There are several immediate implications. First, it is a major signal, which has followed a number of others, that the United States is adopting a far more cautious and flexible foreign policy under President Obama than it did under President Bush.

President Bush was determined on the European-based system and agreements had been reached with Poland to base 10 anti-missile interceptors there and with the Czechs for them to house the system's radar.

President Obama ordered a review when he came into office. He has now been told that Iran is concentrating less on long-range ballistic missiles that might one day reach the United States and more on shorter range one that could reach parts of Europe.

This has given him a technological reason to change and he will use this to fend off criticism that he has given in to Moscow. He was careful to say that his military chiefs agreed with him.

Relations with Moscow

The second effect will be on US relations with Russia. Here the picture will be mixed. The Russians will be pleased and therefore relations will be eased. The Russians had claimed the system might be a threat to them, though the US said it would not. The US felt that the Russians were simply making an excuse to meddle in the affairs of their near neighbours.

But the Russians might also feel triumphant and conclude that their tough approach is one that brings respect and results.

The US might hope for spin-offs from more relaxed relations - in that the Russians might be more willing to agree to increased sanctions against Iran and might show greater flexibility in nuclear weapons and anti missile talks. But neither is certain.

Third, this indicates that the Obama team is looking closely at the claims for technology. The experts have been having some doubts about the whole shield system.

Shorter range anti-missiles have proved promising. Perhaps this means he will also be looking sceptically at claims that Iran is developing an actual nuclear weapon. That could mean a reluctance to attack Iranian nuclear plants without rock-solid information, though this would not necessarily stop the Israelis from doing so.

Not that the president wishes to be seen as soft on Iran. He states that his new proposals will be smarter and better in countering any threat from Iranian missiles.

Hardliners 'let down'

Fourth, the Polish and Czech governments might have mixed feelings. They had invested considerable capital in agreeing to the system. Some hardliners in Eastern Europe might feel let down.

Others might be relieved. There will be debates about the long-term US commitment to Europe. That is why the president mentioned Nato's article 5 in his announcement - an attack on one will still be an attack on all.

Fifth, on the military side, this heralds a shift of emphasis in the whole US anti-missile defence strategy. It is not an end to it but it is a change to it.

The emphasis will now be on regional and shorter-range defence. The Israeli example might be a good one. The US is co-operating with the Israelis on the Arrow anti-missile missile and on a shorter range missile interceptor known as David's Sling.

Such methods will now come to the fore. And the existing Aegis ship-based defence, already deployed near Japan, will also have renewed importance.

Nearly seven months after highlighting the vulnerability of banking, energy and communications systems to Internet attacks, the White House on Tuesday is expected to name a technology industry veteran to coordinate competing efforts to improve the nation’s cybersecurity in both military and civilian life.

The decision to appoint Howard A. Schmidt, an industry executive with government experience who served as a cybersecurity adviser in the Bush administration and who also has a military and law enforcement background, is seen as a compromise between factions. Government officials and industry executives say there has been a behind-the-scenes dispute over whether strict new regulations are necessary to protect the network that increasingly weaves together the vast majority of the world’s computers.

Mr. Schmidt will report to the National Security Council — not both to the council and to the National Economic Council, as previously planned, an administration official said on Monday. Mr. Schmidt will also “have regular access to the president,” said the official, who spoke on the condition of anonymity because he had not been authorized to talk publicly about the appointment.

Cybersecurity has taken on new urgency this year in the face of a growing range of cyberattacks and reports of vulnerabilities in business and military computing systems. Indeed, at the May 29 announcement of his administration’s decision to create the position of cybersecurity coordinator, Mr. Obama described how during his presidential campaign computer intruders had “gained access to e-mails and a range of campaign files, from policy position papers to travel plans.”

“It was,” he said, “a powerful reminder: in this information age, one of your greatest strengths — in our case, our ability to communicate to a wide range of supporters through the Internet — could also be one of your greatest vulnerabilities.”

After reviewing the nation’s cybersecurity preparedness, the White House said it would create the position of cybersecurity coordinator to harmonize the nation’s various efforts to “deter, prevent, detect and defend” against cyberattacks.

The administration’s decision to appoint Mr. Schmidt was slowed by a tug of war among political, military, intelligence and business interests, said people with direct knowledge of the selection process. Industry officials, for example, have expressed concern that new regulations would dampen innovation.

In recent months the administration has been criticized by lawmakers and others for not moving more quickly to fill the position. Experts on the issue had questioned how effective a cybercoordinator could be if forced to report to two governmental councils without direct access to the president.

“I’ve come away with a strong sense that Vivek Kundra, chief information officer, and Aneesh Chopra, the chief technology officer, and participants at the N.S.C. are aligned on this effort,” said Vinton Cerf, a co-author of the original Internet standards who has been consulted by the administration in choosing a “cyberczar.”

The White House official also said that criticisms that the administration had been frozen on cybersecurity policies while waiting for the appointment of a cybersecurity chief were inaccurate, citing a range of initiatives now under way at various agencies to improve cybersecurity. In November the White House met with a Russian delegation of cybersecurity officials in an effort to build cooperation on international law enforcement issues.

One significant difference in the Obama administration’s approach to cybersecurity and that of the previous administration has been the degree of secrecy about strategy and policy issues. In the Bush administration, cybersecurity decisions were made in a highly classified fashion. What remains unclear, however, is how the new administration will balance cybersecurity decisions between military and civilian organizations.

In May the administration’s cybersecurity review was not specific about transforming the administration’s goals into practical realities. At the time Mr. Obama did not explain how he planned to go about resolving the running turf wars among the Pentagon, the National Security Agency, the Department of Homeland Security and other agencies over the conduct of defensive and offensive cyberoperations.

Mr. Schmidt is the chief executive officer of the Information Security Forum, a nonprofit computer security trade association based in London. He has served as chief information security officer at eBay and chief security officer at Microsoft. In the Bush administration, he was the vice chairman of the president’s Critical Infrastructure Protection Board and a special adviser for cyberspace security.

He also served in the Air Force and the Army in computer security roles and led a computer forensics team for the Federal Bureau of Investigation at the National Drug Intelligence Center.

----------------------


Schmidt talked here (not in the story below).

ISF Panelists Spar Over Security vs. Anonymity
By Renay San Miguel
TechNewsWorld
Part of the ECT News Network
11/03/09 11:08 AM PT

Can the Web's big-time masters of malware really be tracked down? How risky is cloud computing to network security? And what challenges await the Obama administration's plans to lock down the nation's electronic infrastructure -- while at the same time creating a "smart grid?"

Left to right: Howard Schmidt, Mary Ann Davidson, Greg Garcia, Bruce Schneier and Alexander Seger

An experienced panel of computer security experts representing industry, governments and law enforcement batted around possible answers to those questions Monday during a "guru fireside" session that was a highlight of the Information Security Forum's 20th World Congress. Some 500 ISF members are in Vancouver, British Columbia, this week for keynote speeches and sessions focusing on the latest trends in information security.

The "guru" panel included Mary Ann Davidson, chief security officer for Oracle (Nasdaq: ORCL); Bruce Schneier, an oft-quoted cryptologist and author; Greg Garcia of Garcia Strategies, who was the first U.S. Assistant Secretary for Cybersecurity and Communications under former Pres. George W. Bush; and Alexander Seger, head of the economic crime division of the 47-member Council of Europe. ISF president/CEO Howard A. Schmidt, a former Microsoft (Nasdaq: MSFT) security executive and the nation's first cybersecurity czar immediately after the Sept. 11 attacks, hosted the panel.

Schneier, chief technology officer for BT Counterpane Security, is known to speak his mind regarding issues of privacy, government regulation of networks and law enforcement techniques. He's written extensively on those subjects for The New York Times, the Guardian, Forbes and Wired. So it probably came as no surprise to the other panelists, and the audience, when he challenged Seger's contention that law enforcement officials need legislation and regulatory weapons to help them track down large-scale hackers and identity thieves.

"I'm sorry, but you're not going to be able to track attacks," Schneier said. "I would like it to be different, but you can't do it."

"You can, Bruce, but it's very hard to do," interjected Garcia.

"You cannot take a [data] bit and backtrack it to where it came from," Schneier maintained. "You don't know who's in front of the keyboard sending it out there. You cannot do it, a bit does not have location specificity. It's a bit. It's not that you can't have identification. Banks work great, corporate networks work great. But you cannot make a system that doesn't have anonymity."

Web Anonymity, 'Smart Grid' Risks

All the panelists were asked to give their take on present trends in cybersecurity and technology overall, and Schneier's emphasis on anonymity with Garcia and Seger was a continuation of his thesis that anonymity is not inherently bad, but trying to punish anonymity in the search for Web safety is dangerous. "You make it harder for the naive or the innocent to do things, and no harder for criminals or the determined," he said. "That isn't to say you can't have identity. You can build a network with different degrees of working well -- bank accounts, Facebook accounts, you can have different levels of identity, but you're not making anonymity go away."

Closed platforms, Schneier added, will be the rule -- which opens up a world of focusing on services rather than devices -- and the government would have more clout if it cleaned up its own networks and used its buying power to demand better products from vendors. "If big government comes out with a contract for a secure laptop or a firewall or database or OS, and has a list of security requirements, then the contract will be big enough that vendors will need to meet those requirements and produce more secure products."

Moving health and medical records online concern both Schneier and Davidson, and Davidson added that "smart grid" plans are another potential risk. "Figure out what problem you're trying to solve before you throw technology at it," she said. "Now we want to put everybody's house on the grid without thinking about the neighborhood kid knocking you off the grid, or being subject to attacks. I don't think people understand the risk they're exposing us to by doing that. "

Medical records online could also pose threats by hackers changing those records or using them to blackmail the innocent.

"Not that I think we should stop all progress, but my concerns are that we are coming up the awareness curve to some degree that this is infrastructure that needs to be both defensive and self-defending, which is a different construct than what we have now," Davidson said.

Cybersecurity Is Not a Red/Blue Issue

The good news in Washington, D.C., is that cybersecurity does not appear to be a partisan political issue, Garcia said. The Obama administration has basically affirmed the strategy Download Free eBook - The Edge of Success: 9 Building Blocks to Double Your Sales that he and others in the Bush administration had worked on to place network/infrastructure protection on a higher level of priority. "Now it is incumbent upon this administration take that strategy, which is on pretty firm conceptual footing, and now turn it into something that is operational, executable and well-organized," Garcia said. "That's what's lacking now. We were not well organized in the Bush administration because we had too much mission creep from other organizations involved," including various aspects of the military, the intelligence community and the State Department.

Whoever ends up with the job of White House-level cybersecurity adviser -- promised by President Obama -- will need to lay out the roles and responsibilities for those agencies with a stake in network protection.

The picture is cloudier regarding the enterprise, Garcia said. Hackers and cybercriminals are becoming more sophisticated in their use of technology, and some companies still aren't taking network security seriously. "They are doing risk assessments and saying they'll consider a cyberattack as a cost of doing business. I think that's potentially dangerous thinking," he said.

Also potentially dangerous: relying on cloud computing for protecting personal and corporate data without first asking a lot of questions regarding security, Davidson said. "It's not about whether somebody does a service for you, that's a business decision. But when something is important to you and you hand it off, you still need to answer basic questions -- 'where is my data? who has access to it?' And if you cannot answer those questions, this whole idea of the cloud, 'just trust us,' is silly."


---------------------

Western International University Graduation 2007- Sean's (r.) video

Commencement speaker (l.), 2007, Western International University, and the following information comes from the video taken by Sean's family of that graduation ceremony.  Schmidt addresses, live, the graduates about how he got his college degree in his 30's and his master's in his 40's from the University of Phoenix.  The e-graduation speakers, via the Internet, were, among others, Senator John McCain, Governor Janet Napolitano of Arizona.

Howard A. Schmidt CISSP, CISM
President & CEO R & H Security Consulting LLC
Former Chair of President Bush’s Critical Infrastructure Protection Board and
Special Adviser for Cyberspace Security for the White House

Howard A. Schmidt has had a long distinguished career in defense, law enforcement and corporate security spanning almost 40 years. He has served as Vice President and Chief Information Security Officer and Chief Security Strategist for online auction giant eBay. He most recently served in the position of Chief Security Strategist for the US CERT Partners Program for the National Cyber Security Division, Department of Homeland Security.

He retired from the White House after 31 years of public service in local and federal government. He was appointed by President Bush as the Vice Chair of the President’s Critical Infrastructure Protection Board and as the Special Adviser for Cyberspace Security for the White House in December 2001. He assumed the role as the Chair in January 2003 until his retirement in May 2003.

Prior to the White House, Howard was chief security officer for Microsoft Corp., where his duties included CISO, CSO and forming and directing the Trustworthy Computing Security Strategies Group.

Before Microsoft, Mr. Schmidt was a supervisory special agent and director of the Air Force Office of Special Investigations (AFOSI) Computer Forensic Lab and Computer Crime and Information Warfare Division. While there, he established the first dedicated computer forensic lab in the government.

Before AFOSI, Mr. Schmidt was with the FBI at the National Drug Intelligence Center, where he headed the Computer Exploitation Team. He is recognized as one of the pioneers in the field of computer forensics and computer evidence collection. Before working at the FBI, Mr. Schmidt was a city police officer from 1983 to 1994 for the Chandler Police Department in Arizona.

Mr. Schmidt served with the U.S. Air Force in various roles from 1967 to 1983, both in active duty and in the civil service. He had served in the Arizona Air National Guard from 1989 until 1998 when he transferred to the U.S. Army Reserves as a Special Agent, Criminal Investigation Division where he continues to serve. He has testified as an expert witness in federal and military courts in the areas of computer crime, computer forensics and Internet crime.

Mr. Schmidt had also served as the international president of the Information Systems Security Association (ISSA) and the first president of the Information Technology Information Sharing and Analysis Center (IT-ISAC). He is a former executive board member of the International Organization of Computer Evidence, and served as the co-chairman of the Federal Computer Investigations Committee. He is a member of the American Academy of Forensic Scientists. He serves as an advisory board member for the Technical Research Institute of the National White Collar Crime Center, and was a distinguished special lecturer at the University of New Haven, Conn., teaching a graduate certificate course in forensic computing.

He served as an augmented member to the President’s Committee of Advisors on Science and Technology in the formation of an Institute for Information Infrastructure Protection. He has testified before congressional committees on computer security and cyber crime, and has been instrumental in the creation of public and private partnerships and information-sharing initiatives. He is regularly featured on CNN, CNBC, Fox TV as well as a number of local media outlets talking about cyber-security. He is a co-author of the Black Book on Corporate Security.

Mr. Schmidt has been appointed to the Information Security Privacy Advisory Board (ISPAB) to advise the National Institute of Standards and Technology (NIST), the Secretary of Commerce and the Director of the Office of Management and Budget on information security and privacy issues pertaining to Federal Government information systems, including thorough review of proposed standards and guidelines developed by NIST.

Howard holds board positions on a number of corporate boards in both an advisory and director positions and recently has assumed the role as Chairman of the Board for Electronics Lifestyle Integration (ELI).

Mr. Schmidt holds a bachelor’s degree in business administration (BSBA) and a master’s degree in organizational management (MAOM) from the University of Phoenix. He also holds an Honorary Doctorate degree in Humane Letters. Howard is an Adjunct Professor at GA Tech with the GTISC.

2006

Melissa Hathaway tackles cybersecurity Mission Impossible