The Whitehouse Releases 60 Day Cyber Security Review


Early after President Obama was nominated I wrote an open letter to President Obama for actions that I believed the administration would need to take in the first 90-days “Open Letter to Barack Obama: Securing Critical Infrastructure – The First 90 Days” These included a policy review and some suggestions on methods the administration would need to implement to secure our digital infrastructure. President Obama appointed Melissa Hathaway to lead the review, which has now been completed.

In a blog post titled “Securing our Digital InfrastructureMelissa Hathaway states…

We now have a strong and common view of what is needed to achieve change.   Ensuring that cyberspace is sufficiently resilient and trustworthy to support U.S. goals of economic growth, civil liberties and privacy protections, national security, and the continued advancement of democratic institutions requires making cybersecurity a national priority.

During the Presidential press briefing President Obama stated

Today I’m releasing a report on our review, and can announce that my administration will pursue a new comprehensive approach to securing America’s digital infrastructure.

This new approach starts at the top, with this commitment from me:  From now on, our digital infrastructure — the networks and computers we depend on every day — will be treated as they should be:  as a strategic national asset.  Protecting this infrastructure will be a national security priority.  We will ensure that these networks are secure, trustworthy and resilient.  We will deter, prevent, detect, and defend against attacks and recover quickly from any disruptions or damage.

There is nothing revolutionary in their findings, nor in their near and mid-term action plans to address the deficiencies of our current program. What is encouraging and what we must all recognize is that this administration has elevated the conversation and is building national awareness across our entire population, not just the security professionals and IT geeks.

Many in the security industry are already complaining that it isn’t enough, that there is more that should be done, that it all rings hollow and has been tried before. What they seem to be unable to rationalize is that we have an administration that not only understands the scope of the problem and associated threats but is working aggressively to implement policies, procedures and technologies to address them.

Regardless of your thoughts on the review and announcement of a cyber security coordinator, information security and the demands to secure our critical infrastructure is a US administration priority and we should all agree that is a very positive step.

The 60 day cyber security review to the President contains five main chapters, outlined below, and includes a near-term action plan for U.S. Government activities to strengthen cyber security. I encourage all of you to review the document and ask what you can do to for our country.

Leading from the Top – Makes the case for strengthening cybersecurity leadership for the United States through 1) the establishment of a Presidential cybersecurity policy official and supporting structures, 2) reviewing laws and policies, and 3) strengthening cybersecurity leadership and accountability at federal, state, local, and tribal levels.

Building Capacity for a Digital Nation – Advocates a national dialogue on cybersecurity to increase public awareness of the threats and risks and how to reduce them.  Outlines the need for increased education efforts at all levels to ensure a technologically advanced workforce in cybersecurity and related areas, similar to the United States’ focus on mathematics and science education in the 1960s.  Identifies the need to expand and improve the federal information technology workforce and for the Federal government to facilitate programs and information sharing on cybersecurity threats, vulnerabilities, and effective practices across all levels of government and industry.

Sharing Responsibility for Cybersecurity – Discusses the need for improving and expanding partnerships between the Federal government and both the private sector and key U.S. allies.

Creating Effective Information Sharing and Incident Response – The United States needs a comprehensive framework to facilitate coordinated responses by government, the private sector, and allies to a significant cyber incident.  This chapter explores elements of such a framework and suggests enhancements to information sharing mechanisms to improve incident response capabilities.

Encouraging Innovation – The chapter addresses ways for the United States to harness the benefits of innovation to address cybersecurity concerns, including work with the private sector to define performance and security objectives for future infrastructure, linking research and development to infrastructure development and expanding coordination of government, industry, and academic research efforts.  It also addresses supply chain security and national security / emergency preparedness telecommunications efforts.

What we need now is action, a long-term commitment to maintain the health and improve the security of our nations critical infrastructure. That we can build a world that is safe to use and transfer digital information, that we support innovation of new technologies and evolve existing ones. That we will prosper and that technology will be a key element of that prosperity for decades to come. As President Obama mentioned in his press briefing

In short, America’s economic prosperity in the 21st century will depend on cybersecurity.

One thought on “The Whitehouse Releases 60 Day Cyber Security Review

  1. I have ready up on several of the top Cyber Security minds and I was wondering if I might be able to contact you or someone regarding the creation of a high level R&D Cyber security team for a for a top Defense Contractor I work with. I need someone with a clearance, experience and the background to manage and execute this objective to success. I figured someone might have a recommendation for me.

    Feel free to email me privately

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s