Howard Schmidt, one of the security industry’s groundbreaking public policy mavens who served as the top White House cybersecurity advisor under two presidents, died on Thursday. He was 67.

Schmidt’s legacy stretches from the private sector, where he was CISO at Microsoft and eBay, to a lengthy career in public service most notably as cybersecurity coordinator under President Barack Obama and as White House special advisor for cybersecurity under President George W. Bush.

At each step of the way, Schmidt left a deep imprint guiding the creation of policies that help secure national interests in the face of intensifying online criminal activity and state-sponsored espionage.

“He was always such a bucket of knowledge and always wanted to do the right thing,” said Dave Kennedy, founder and CEO of TrustedSec and a colleague of Schmidt’s at (ISC)2. Schmidt was recently recognized with the organization’s lifetime achievement award and the RSA Conference Award for Excellence in the Field of Information Security two weeks ago in San Francisco.

“He was at our last board meeting and we all went out to dinner and he got the lifetime achievement award,” Kennedy said. “It was an emotional moment because we all knew it might be the last time we saw him. Howard was so happy and humbling when receiving. He was always that way; one of the best people I’ve ever met.”

While in the Bush White House, Schmidt was instrumental in the creation of the National Strategy to Secure Cyberspace, the first formal set of cybersecurity guidelines and recommendations from the government. Shortly after joining the Obama White House, Schmidt led the effort to bring National Strategy for Trusted Identities in Cyberspace to fruition, as well as the creation of a declassified version of the Comprehensive National Cybersecurity Initiative (CNCI).

“My two favorite memories of his time in the White House were when he was spitting mad, telling me ‘some 23 year old staffer in the Council of Economic Advisor replaced every ‘should’ and ‘will’ with ‘could’ and ‘might consider’ in the National Strategy to Secure Cyberspace,’ and when President Obama brought Howard over and told me ‘he does a pretty good job given that I have tied one of his hands behind his back,'” said Alan Paller, president and director of research for the SANS Institute.

Schmidt’s public service career began in 1967 when he joined the Air Force and did three tours of duty during the Vietnam War. Schmidt served as a police officer in Chandler, Az., before joining the FBI in 1994 where two years later he helped establish one of the government’s first computer forensics labs.

“I’m very saddened to hear about the passing of Howard. He was a great man, a champion of computer security, and his death is a big loss to America and to the whole world. Howard was a cybersecurity pioneer, a visionary, and a patriot,” said Eugene Kaspersky, founder and CEO, Kaspersky Lab.

“He also had a fantastic personality, and I was honored to be able to call him my friend,” Kaspersky said. “I wish we could have spent more time together, but I will always remember the great times we had together in Alaska and Hawaii. My deepest sympathies are now with Howard’s family.”

In 1997, Schmidt moved over to Microsoft as director of information security and eventually CISO and CSO. He was cofounder of what eventually became the Trustworthy Computing group. Steve Lipner, who ran the Microsoft Security Response Center at the time, worked closely with Schmidt on customer and government outreach, as well as response to Internet-wide attacks such as Code Red, and evangelizing security to Microsoft management. Lipner said Schmidt was instrumental in creating the team that fostered Bill Gates’ landmark 2002 Trustworthy Computing email.

“Howard always felt a higher calling to service to the government of the United States. There’s no better demonstration of that than the fact that, in late 2001, after the 9/11 attacks, he left Microsoft to join the White House cybersecurity policy office,” Lipner told Threatpost. “His departure meant that he was no longer at Microsoft when the Trustworthy Computing email—which reflected a lot of effort on his part—was released.”

Lipner succeeded Schmidt as executive director of SAFECode as Schmidt’s health began to fail. Schmidt worked at the nonprofit after he retired from his position with the Obama White House in 2012.

“I didn’t encounter him a lot while he was in that role, but from what I saw, he was again a ‘voice of reason’ pushing to get people and agencies to take practical steps and not overreact to the latest crisis du jour,” Lipner said.

Congressman Jim Langevin (D-R.I.) called Schmidt a luminary.

“Throughout my time working on cyber policy, Howard was always accessible, and he was a great asset in helping to explain the nuances of policymaking in this new domain,” Langevin said in a statement. “My heart goes out to his family in their time of grief—we have lost a true pioneer.”

Schmidt died at his home in Wisconsin. He is survived by his wife Raemarie and his family, which includes eight grandchildren. Schmidt was an avid motorcycle rider and owned a Harley Davidson.

“Howard Schmidt was a pillar of the cyber community,” said Tom Kellerman, CEO of Strategic Cyber Ventures. “He was one of the original champions of civilizing cyberspace. What he has done in his lifetime will echo in eternity.”

This article was updated March 3 with a comment from Eugene Kaspersky.

Categories: Government

Comment (1)

  1. Craig Spiezle
    1

    Howard was one of my mentors while both at Microsoft and throughout my current career. He was a champion of getting groups to the table to address key issues impacting both the public and private sector and set the “gold standard” of what we need going forward, Craig Spiezle CEO and Executive Director, Online Trust Alliance

    Reply

Leave A Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>