The President's 10-Point Cybersecurity Action Plan

Obama to Name IT Security Adviser

By , May 29, 2009.
The President's 10-Point Cybersecurity Action Plan


See Also: Understanding the Opportunities and Threats in Mobile Banking

resident Barack Obama on Friday presented a 10-point near-term action plan aimed at securing the federal government's and the nation's critical IT infrastructure.

"This new approach starts at the top, with this commitment from me: From now on, our digital infrastructure - the networks and computers we depend on every day - will be treated as they should be: as a strategic national asset," Obama said. "Protecting this infrastructure will be a national security priority. We will ensure that these networks are secure, trustworthy and resilient. We will deter, prevent, detect, and defend against attacks and recover quickly from any disruptions or damage."

Though he said he would personally pick a cybersecurity adviser, no choice has been made. That person, though, will not report directly to the president, which could disappoint those on Capitol Hill seeking a higher ranking adviser.

Still, initial reaction from Congress was positive, even among those who had hoped for a more senior-level cybersecurity adviser.

"This White House report is a good starting point for the work that lies ahead and incorporates many of the CSIS (Center for Strategic and International Studies) recommendations, including increased coordination between the private and public sectors and within various government agencies," Rep. Jim Langevin, the Rhode Island Democrat who co-chairs the House Cyber Security Caucus as well as the CSIS's Commission of Cybersecurity for the 44th Presidency said in a statement. "I am especially pleased to hear President Obama refer to our cyber infrastructure as a strategic national asset a top national security priority."

Karen Evans, who served as the de facto federal chief information officer for more than five years until this past January, said she was excited by Obama's remarks, which recognize the importance of cybersecurity to the entire nation. What impressed her, she wrote in an e-mail message, was the coordination of IT security policy between the new cybersecurity director and the federal CIO and chief technology officer. Plus, she said, there's accountability. "The difference I see now is there is one person the president will hold accountable to address this issue to ensure all aspects are being addressed throughout the country while also addressing the economic impact of any future policy direction," she said.

The president assured Americans that the government will not monitor private-sector networks or Internet traffic. "We will preserve and protect the personal privacy and civil liberties that we cherish as Americans," he said. "Indeed, I remain firmly committed to net neutrality so we can keep the Internet as it should be - open and free."

In his White House speech, Obama said he plans to:

1. Appoint a cybersecurity policy official responsible for coordinating the nation's cybersecurity policies and activities; establish a strong National Security Council directorate, under the direction of the cybersecurity policy official dual-hatted to the NSC and the National Economic Council, to coordinate interagency development of cybersecurity-related strategy and policy.

2. Sign off on an updated national strategy to secure the information and communications infrastructure. This strategy should include continued evaluation of Comprehensive National Cybersecurity Initiative activities and, where appropriate, build on its successes.

3. Designate cybersecurity as one of his key management priorities and establish performance metrics.

4. Designate a privacy and civil liberties official to the NSC cybersecurity directorate.

5. Convene appropriate interagency mechanisms to conduct interagency-cleared legal analyses of priority cybersecurity-related issues identified during the policy-development process and formulate coherent unified policy guidance that clarifies roles, responsibilities, and the application of agency authorities for cybersecurity-related activities across the federal government.

6. Initiate a national public awareness and education campaign to promote cybersecurity.

7. Develop U.S. Government positions for an international cybersecurity policy framework and strengthen our international partnerships to create initiatives that address the full range of activities, policies, and opportunities associated with cybersecurity.

8. Prepare a cybersecurity incident response plan; initiate a dialog to enhance public-private partnerships with an eye toward streamlining, aligning, and providing resources to optimize their contribution and engagement.

Follow Eric Chabrow on Twitter: @GovInfoSecurity

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Biz Email Fraud Could Hit $1 Billion

Wire fraud perpetrated via business email compromises has quickly become a top concern for banking...

Latest Tweets and Mentions

ARTICLE Biz Email Fraud Could Hit $1 Billion

Wire fraud perpetrated via business email compromises has quickly become a top concern for banking...

The ISMG Network