How much "cybersecurity" will we achieve?
When the Obama administration came into office, some of its best and brightest thinkers started looking at the issue of security on the world wide web, or "cybersecurity." The thinking was undoubtedly spurred when the White House computers went down for a day as staffers were moving in. More and more reports of breaches to private and government computers, fears about Russia, China's efforts to break into U.S. computers and other issues related to terrorism and the internet persisted.
Cybersecurity was an issue that had been discussed by the previous administration, but nothing was ever done about it, possibly because it has been hard to determine who should be in charge of the overall program. The Director of National Intelligence, retired Admiral Dennis Blair, proposed at this confirmation hearing that the NSA should run it. Rod Beckstrom, a Silicon Valley entrepreneur who resigned his post as the director of America's National Cyber Security Center in March, claiming that a lack of support was preventing him from doing the job. But the firestorm of protest that went on for weeks eventually calmed when the headline from Wired Threat Level (4/21/09), "NSA Chief: ‘We Do Not Want to Run Cyber Security’," appeared. To quote:
NSA Director Lt. Gen. Keith Alexander, speaking at the RSA Security Conference in San Francisco, told the audience of security professionals on Tuesday that the NSA does "not want to run cyber security for the United States government."
Aiming to dispel news reports — and counter previous intelligence agency statements — that the National Security Agency is angling to grab the top spot in the government’s cyber security initiative, Alexander said it’s a job that’s bigger than one agency and that the NSA isn’t looking to control but rather to partner with DHS, other defense departments, industry and law enforcement.
President Obama asked for a report in 60 days on the extent of the threats and put former Bush administration adviser, Melissa Hathaway in charge of it the study. Hathaway wrote about it on the White House blog on 5/29. Both Hathaway and Beckstrom could be in contention for the czar position, according to The Guardian. But according to the AP,
As many as a half dozen candidates — from the public and private sector — are being considered for the job, according to officials familiar with the discussions.
Obama's announcement comes as the Pentagon is poised to create a new cyber command to improve protection of military networks and coordinate its offensive and defensive cyber missions.
President Obama presented a briefing Friday, as the White House released a report on a 60-day review of the nation’s cybersecurity efforts (.pdf). The report was conducted by acting White House cybersecurity chief Melissa Hathaway, who is considered a front runner for the permanent czar job, according to Wired Threat Level. After months of rumors, Obama confirmed that the White House will be creating a new office to be led by a cybersecurity czar. The story's headline, "Obama Says New Cyberczar Won’t Spy on the Net," is from (5/29/09). To quote:
. . . The office will be in charge of coordinating efforts to secure government networks and U.S. critical infrastructures. . . Obama was quick to add that the new White House cybersecurity office would include an official whose job is to ensure that the government’s cyber policies don’t violate privacy and civil liberties of Americans. He also reaffirmed his support for the principle of net neutrality.
“Our pursuit of cybersecurity will not include — I repeat, will not include — monitoring private sector networks or internet traffic,” he said. “We will preserve and protect the personal privacy and civil liberties that we cherish as Americans. Indeed, I remain firmly committed to net neutrality so we can keep the internet as it should be, open and free.”
. . . in his address on Friday, Obama said the new cybercoordinator will have “my full support and regular access to me as we confront these challenges.”
. . .“From now on our digital infrastructure, the networks and computers we depend on every day, will be treated as they should be — as a strategic national asset,” Obama said. “Protecting this infrastructure will be a national security priority. We will ensure that these networks are secure, trustworthy and resilient. We will deter, prevent, detect and defend against attacks and recover quickly from any disruptions or damage.”
The story of the report is also in Wired Threat Level (5/29/09):"Obama Cybersecurity Report Addresses Critical Infrastructure and Privacy Issues." The article includes a good set of highlights from the recommendations. To quote:
A cybersecurity report . . . touches on everything from establishing communication networks for emergency response teams to the role government should play in the protection of critical infrastructure networks and whether or not entities that experience a breach should have to notify governments and law enforcement agencies. Privacy and civil liberties concerns receive a repeated nod, with privacy being mentioned in the report more than five dozen times.
The 76-page report (.pdf) was released in conjunction with a White House announcement that the president will be creating a new cybersecurity office and czar, as well as a privacy and civil liberties official to oversee the government’s cybersecurity plans.
How much cybersecurity will result from all of this is not yet known. But it certainly seems like a good start. Hathaway, if she is named the czar, had a very good reputation. Both she and President Obama seem cognizant of the concerns about privacy raised by civil libertarians. That concern has been dampened now that the office will be in the White House and not the NSA. And it is "down one rung" on the White House authority ladder (under both the National Security and Economic Security councils) because both private and government internet needs must be protected. And it seems clear that the czar will have adequate direct access to the President, who will probably get to settle any remaining turf battles. Much remains to be seen as the military arm of cybersecurity is more fully revealed. And finally, President Obama has reaffirmed his support for net neutrality.
(Cross-posted at Making Good Mondays.)
Labels: cyberterrorism, Internet, national security, Obama Administration
0 Comments:
Post a Comment
<< Home