Obama unveils new cybersecurity strategy
New White House office to coordinate cybersecurity efforts
President Barack Obama today said his administration would pursue a "new comprehensive approach” for securing the country’s digital infrastructure, and that he would create an office – led by a senior official yet to be named – in the White House to coordinate cybersecurity efforts.
“This new approach starts at the top with this commitment from me: from now on our digital infrastructure – the networks and computers we depend on everyday – will be treated as they should be, as a strategic national asset,” Obama said during a news conference today at the White House.
Obama said the new White House cybersecurity office would to be led by a coordinator whom he will select and depend on for all matters relating to cybersecurity. The office will orchestrate and integrate all cybersecurity policies for the government, working closely with the Office of Management and Budget and coordinating responses to cyber attacks, the president said.
Obama to handpick cybersecurity coordinator – GCN.com White House Web site makes case for cybersecurity – GCN.com Obama plan prompts praise and questions – Washington Technology
The new cybersecurity coordinator will be a member of the White House’s national security staff as well as the president’s National Economic Council, Obama said. The president also said the office would include a person in charge of ensuring the privacy and civil liberties are protected.
“Our pursuit of cybersecurity will not include – I repeat will not include – monitoring private sector networks or Internet traffic,” Obama said.
Business executives, senior lawmakers and an influential Center for Strategic and International Studies’ commission on cybersecurity had urged the administration to create the so-called cyber czar position. For months, the media and analysts have speculated on whether or not the White House would do so. Lawmakers have also introduced legislation that would mandate such a position.
Obama’s announcement came as he released the much anticipated report based on a 60-day review of cybersecurity policy led by Melissa Hathaway, acting senior director for cyberspace for the National Security Council.
Hathaway's team completed the review on April 17 after reviewing relevant presidential policy directives, executive orders, national strategies, as well as taking input from agencies, industry, academia, the civil liberties and privacy communities, state and international governments, and the legislative branch.
The report included recommendations for how the government should move forward including two action plans; one for the near-term and one for the mid-term. In his speech, Obama said the report outlines actions that the administration will pursue.
Jim Lewis, who chaired CSIS report, said we was pleased that the president committed to all the major policy recommendations put forth in the CSIS study. "What was really important was the president saying that cyber security is an issue that impacts our strategic national assets. That's an immense break through," Lewis said.
To assure a coordinated approach across the government, Obama said, the new cybersecurity coordinator would work closely with White House Chief Technology Officer Aneesh Chopra and Chief Information Officer Vivek Kundra.
Chopra said: "The president was very clear that as this is a national security and an economic issue. Building a secure, reliable internet can actually be a catalyst for economic growth." Chopra also said he believed that he, Kundra and other leaders are "well positioned to set up innovation platforms for agencies to consider" in building more reliable approaches to using the Internet.
To ensure accountability at federal agencies, Obama said that cybersecurity would be designated as one of his key management priorities. "Clear milestones and performances metrics will measure progress," he said.
Alan Paller, research director of SANS, an information security and certification organization, said "the two biggest things – among the 24 items outlined in the report – are putting the [reporting] responsibilities for the cyber coordinator into to the White House, with access to the president – and the use of federal procurement" to provide leverage to many of the recommendations in the president's plan.
Staff writer Wyatt Kash contributed to this article.