Highlights
-Obama administration posts broad new cyber-security strategy to Whitehouse.gov one day after being sworn into office
-Six-point cyber-security plans calls for a new high-level post to tackle cyber security, new regulations to combat cyber crime, and increasing the security of the nation’s most sensitive computer networks
-President Obama pledges to make cyber-security a top priority during a campaign speech and is working to deliver on that promise
One day into his term as President of the United States (US), Barack Obama’s administration unveiled its broad new strategy to fight cyber-attacks/crime and boost investment and research on cyber-security. The new strategy, which mirrors many of the recommendations outlined in a report issued by the Commission on Cyber-security for the 44th Presidency, a bipartisan commission of 60 governmental and business computer security experts, in December 2008 (Previous Report), is outlined in a broader policy document on homeland security priorities that was posted to Whitehouse.gov on January 21, 2009. The report issued by the commission was published by the Center for Strategic and International Studies, and called for sweeping changes to the way the federal government approaches cyber-security, including the creation of a new cyber-security office in the White House.
Included in administration’s new cyber-security strategy is the establishment of a new position of national cyber advisor. The person holding this position will report directly to the president and will be responsible for coordinating federal agencies cyber-security efforts and the development of a national cyber policy.
The relatively detailed cyber-security plans shows that the Obama administration has been spending time meeting with experts to craft its cyber-security agenda, and unlike past Presidential administrations, the Obama administration views computer security as a critical national asset. According to a former George W. Bush advisor who authored the administration’s “Strategy to Secure Cyberspace,” by declaring cyber-security a national asset, everyone is on notice that they’ve got to start doing their part to strengthen the nation’s cyber infrastructure.
Presidential Administration Details Plans
The Obama administration posted the following six cyber-security goals following his inauguration last week:
-Strengthen Federal Leadership on Cyber Security: Declare the cyber infrastructure a strategic asset and establish the position of national cyber advisor who will report directly to the president and will be responsible for coordinating federal agency efforts and development of national cyber policy.
-Initiate a Safe Computing R&D Effort and Harden our Nation’s Cyber Infrastructure: Support an initiative to develop next-generation secure computers and networking for national security applications. Work with industry and academia to develop and deploy a new generation of secure hardware and software for our critical cyber infrastructure.
-Protect the IT Infrastructure That Keeps America’s Economy Safe: Work with the private sector to establish tough new standards for cyber security and physical resilience.
-Prevent Corporate Cyber-Espionage: Work with industry to develop the systems necessary to protect our nation’s trade secrets and our research and development. Innovations in software, engineering, pharmaceuticals and other fields are being stolen online from U.S. businesses at an alarming rate.
-Develop a Cyber Crime Strategy to Minimize the Opportunities for Criminal Profit: Shut down the mechanisms used to transmit criminal profits by shutting down untraceable Internet payment schemes. Initiate a grant and training program to provide federal, state, and local law enforcement agencies the tools they need to detect and prosecute cyber crime.
-Mandate Standards for Securing Personal Data and Require Companies to Disclose Personal Information Data Breaches: Partner with industry and our citizens to secure personal data stored on government and private systems. Institute a common standard for securing such data across industries and protect the rights of individuals in the information age.
The plan also discusses ways to improve the security of critical infrastructures by tightening regulations for chemical plants and modernizing the electrical grid. Also of note, the homeland security agenda calls for ensuring that “security is considered and built into the design of new infrastructures, so that our critical assets are protected from the start and are more resilient to naturally-occurring and deliberate threats throughout their life-cycle.” This is an important point for the administration to stress considering that much of the hardware and software that currently runs the nation’s critical infrastructure systems, such as electricity, gas, and telecommunications, was built decades ago with little or no security measures implemented.
Making Cyber-Security A Top Priority
In a campaign speech delivered on July 16, 2008, President Obama first outlined his cyber-security strategy. The President stated, “As President, I’ll make cyber security the top priority that is should be in the 21st century.” The speed with which the President has outlined his cyber-security strategy shows that he is committed to moving quickly to improve the security of the US’s commercial and governmental computer systems and networks. Countries like China and Russia are intruding into commercial and governmental networks at an alarming rate, and are becoming increasingly proficient at stealing sensitive commercial trade secrets and national intelligence secrets.
In the near to mid-term, the success of the administration’s cyber-security plans will depend on the speed of the government to acquire Congressional funding for R&D of new cyber-security standards and programs and deploying more secure computing systems and software. The amount of decision making authority and access to the president given to Obama’s cyber advisor to keep him abreast of progress will also play a significant role in making quick and significant progress in increasing protection for the nation’s cyber infrastructure.
