Schmidt: private sector key to warding off cyber attacks

Published 8 April 2010

White House cybersecurity coordinator says the private sector is where the best defense against cyberattacks and cyber warfare can be mounted; the government can do a lot to improve U.S. cyber defenses, but the key to warding off attacks remains private-sector vigilance; one major technology Web site agrees: “This is a battle every IT security professional must fight from the foxholes”

Private sector vigilance is the best protection against the sort of cyberattacks discovered in January that struck Google and other companies, the White House’s cybersecurity coordinator told a conference the other rday.

Speaking at the CSO Perspectives 2010 conference, Howard Schmidt told attendees that private sector companies must ultimately remain responsible for protecting their own networks, reports

[Schmidt] believes the best defense remains in the hands of the private sector.

“You guys have been carrying the water,” Schmidt told attendees at CSO Perspectives 2010 Tuesday. The government can do a lot to improve the nation’s cyber defenses. But ultimately, he said, the key to warding off attacks like the one Google experienced remains private-sector vigilance.


Matthew Harwood writes that Schmidt also continued to downplay talk of “cybergeddon,” or the idea that an adversary could launch a digital Pearl Harbor against the United States. As far back as 2003, Schmidt told Wired magazine that cyberattacks are “weapons of mass disruption,” noting “Is it possible that we could have a catastrophic failure on a regional basis? Absolutely. Could we see that on a universal basis? That likelihood has been reduced significantly.”

Harwood notes that nearly seven years later his tune has not changed much. Last month, Schmidt told’s Threat Level blog matter of factly, “There is no cyberwar.”

His stance directly contradicts the former Director of National Intelligence, Mike McConnell. Only days before Schmidt’s conversation with Wired, McConnell wrote an op-ed for the Washington Post stating, “The United States is fighting a cyber-war today, and we are losing. It’s that simple.”

It is not as if Scmidt does not believe cybersecurity is a real threat — he believes it is. As reports, the threats are not a return to global confrontation between nation-states.

As far as he’s concerned, this isn’t an online version of East against West or Allies against Axis,” the technology Web site reports. “What we’re seeing, he believes, is more about online riots and hacktivism, where a ragtag band of malcontents express their displeasure over government policy by launching distributed denial-of-service attacks like of the sort that pounded the networks of Estonia in 2007.”

Harwood also notes that while Schmidt disagrees with the warfare metaphors used to describe online threats, this did not stop from using their own military metaphor. “This is a battle every IT security professional must fight from the foxholes,” the Web site admonished.