If you were going to choose someone for the highly sensitive position of cyber security chief for our nation, surely there are two employers you would least want to see on that person's resume: Microsoft and the Bush Administration. Am I right?
Schmidt is very very aware of the Nigerian email scam.
Well, apparently the Obama Administration feels differently. This morning the president announced that, after a months'-long search, his choice was Howard A. Schmidt of Issaquah, a man who held essentially the same position under W, and prior to that, had been chief security officer at Microsoft.
Schmidt's tenure in Redmond was around the time the company was boasting of "promises kept" with its new Windows 2000 operating system--which was then massively overrun by the Code Red worm, among others, the following year.
But however alarming Schmidt's pedigree--and however odd that his company's own Web site remains permanently "under construction" and looks like something an aspiring IT consultant from Des Moines might have built ten years ago--neither can compare to this interview that Schmidt conducted with a site called TechNewsWorld last month. A choice excerpt is after the jump.You might imagine that the main risk in interviewing the man chosen to oversee cyber security for the United States of America is that he'll talk over your head. No chance of that here. In fact, Schmidt can barely express a coherent idea, and his picture of the Internet (people are shopping there!) and its threats (Nigerian email scams!) seems about as sophisticated as your grandma's in 1999.
The interviewer is former CNN anchor Renay San Miguel, who now does some tech reporting for KING 5. They're at the 20th World Congress of Schmidt's organization, the Information Security Forum, and San Miguel asks him: "What are the trends you're seeing here regarding how they're dealing with the bad guys?"
Here is the response. All quotes are sic.
"Well, I think one of the first things is there's a clear recognition that the bad guys are different now than they were even five years ago. And I think it comes in a couple different ways. One, first and foremost, as the Internet becomes more a vehicle of the economy--online banking, online sales, all the ecommerce things we've been looking at--it's like any other segment of society, the bad guys come along with that. So they're becoming more of a threat from, how can I steal your money without getting anywhere near your house and worried about getting arrested by the police.
Also with that is, when you start looking at international laws with these things, I mean, we're all over the map. We have some countries that have really good cybercrime and cyberfraud laws. Others are sort of in the fledging stage right now. So that makes a difference. The other piece of this is how do you combat that. And once again it depends on how critical the IT system is to you and how much you're doing online. You know, it goes back to your first question a moment ago. The United States was a big target for phishers and scammers and all those people going off because we were the...spending a lot of money online. And other companies [i.e. countries] are saying, yeah, we want to spend money, relative to our GDP online, but we don't want to give those bad guys an opportunity to do it.
"So you're saying, with online, people can rob you without coming to your house? Seriously?"
Plus they're becoming more organized and more directed in their attacks. I mean, I remember, as I'm sure most of us have, at one point we used to get these Nigerian letters ["Sure," interjects San Miguel] about the fraud, we'd get'em in the mail. Then when fax machines became popular it was [garbled] the fax machines. Then it was email. And now it's Web sites and everything else. So that progression, I think we've recognized internationally that we need to sort of keep up with that and identify, what are the risks that we're doing with today, and plus more importantly, what are the threats that out there not only today, but what of our next generation of technology. What can people do to affect our ability to protect that."
There, aren't you feeling more secure now?