Obama's cybersecurity initiative wins praise

The president's focus on cybersecurity is a step in the right direction, experts say

U.S. President Barack Obama's announcement Friday of a new cybersecurity push by the U.S. government won widespread praise from the technology industry, with many people saying his attention to the issue is a major step toward better securing the nation's computer networks.

Obama's announcement and an accompanying cybersecurity report (PDF) largely contained ideas long called for by various cybersecurity experts, but the largest benefit of Friday's announcement was that Obama lent his name to the fight against cybercrime, said Larry Clinton, president of the Internet Security Alliance, a trade group focused on cybersecurity.

"A lot of the things that were discussed this morning have been said before, but it is a very big deal when the president says them," Clinton said. "The fact that this is elevated to the presidential level ... that is a big deal."

Obama announced that he will appoint a national cybersecurity coordinator, who will report directly to the president, and the U.S. government will collaborate with private groups to create a comprehensive national cybersecurity policy. The White House will also designate cybersecurity as a key management initiative and develop metrics for measuring improvements, Obama said.

The U.S. government will create a national cybersecurity education program, and it will invest in cybersecurity research and development, the president announced.

Cybersecurity experts and some lawmakers have long called for the U.S. government to focus more on cybersecurity, and Obama's announcement Friday gives the issue a much-needed boost, Clinton and other cybersecurity experts said.

Clinton and Bob Dix, vice president of government affairs at Juniper Networks, also praised Obama for saying that the new cybersecurity coordinator will be a member of both the U.S. National Security Agency and the National Economic Council.

"That's important because it means the president understands the need not just to look at the cybersecurity issue as a discreet, boutique technology issue -- which is the way a lot of people have treated it -- but rather as a fundamental element that affects all of our economy," Clinton said.

The major concern about the announcement was that it lacked detail. Obama didn't name a cybersecurity adviser, and the administration's cybersecurity strategy has yet to be developed.

"I think we're headed in a new direction," said Phil Dunkelberger, CEO of PGP, a vendor of cybersecurity products. "I think time is going to tell if it's the right direction."

The details of the plan will determine whether it's successful, Dunkelberger said.

Still, Dunkelberger said he was "pleasantly surprised" with Obama's speech. Former President George Bush also had a goal of improving cybersecurity, but Obama said cybersecurity is a personal goal, he said.

Obama has made cybersecurity a top priority, and he stressed that organizations and the U.S. government need accountability and responsibility for cybersecurity, Dunkelberger said.

"For the first time I've seen accountability has been mentioned as a part of this," he said.

Dix agreed that more details are needed, but called Obama's announcement a "very positive step."

"This isn't the end of it, this is the beginning of it," he said.

Dix and Clinton praised Obama's focus on government collaborating with private groups, instead of dictating mandates. Legislation introduced in the U.S. Senate in April would create new mandates for private industry, but Obama focused more on how government and private groups could work together, Dix said.

Some cybersecurity experts have recently called for broad new regulations, but that wasn't part of Obama's approach Friday, Clinton added.

"He made it very clear that the government will not be dictating technology standards for the private sector," Clinton said. "There have been some high-profile reports... that say this is what the government needs to do. President Obama went exactly in the opposite direction."

The Center for Democracy and Technology (CDT), an online privacy and civil liberties group, also praised Obama's announcement.

While the U.S. government needs to better protect computer networks, that doesn't mean it will track users online or intercept communications, Obama said. The office of the cybersecurity coordinator will also include a chief privacy officer, he said.

CDT is also happy that the White House, and not the secretive National Security Agency, will lead cybersecurity efforts, the group said.

"It's clear that the White House review team was committed to building privacy into these cybersecurity policy recommendations from the beginning of the process," CDT President and CEO Leslie Harris, said in a statement.

"Further, we are greatly encouraged by the Administration's strong commitment to develop its cybersecurity privacy policies in a collaborative manner with those in the private sector."

Other statements in reaction to the White House report:

-- Shannon Kellogg, director of information security policy at EMC and a member of the National Cyber Security Alliance Board of Directors: "Public-private partnerships are critical to the success of a comprehensive cybersecurity public service campaign. A true collaboration among government agencies, nonprofits and private companies will enable us to empower our citizens to protect themselves and, in turn, make our country's overall cyber defenses stronger."

-- John Stewart, Cisco Systems vice president and chief security officer: "The administration's report is a culmination of the most focused and thorough discussion about the security of the nation's online infrastructure. I'm glad that so many experienced and knowledgeable contributors from the public and private sectors have given voice and are being heard. It's imperative that the public and private sector continue to collaborate."

-- Ed Black, president and CEO of Computer & Communications Industry Association: "President Obama announced he plans to appoint both a cybersecurity czar and someone who understands privacy and civil liberties to the National Security Council cyber security team. This shows the Obama Administration understands the critical balance needed to keep the Internet open and safe and to maintain the freedom and trust of those using it. We know the pressures to deviate from this balance will be strong, and we hope he can stay on course."

-- U.S. Representative Peter King, of New York, senior Republican on the House Committee on Homeland Security: "I view the president's action today on cybersecurity as a very positive step. As we go forward, we have to make sure that all of the federal departments and agencies are properly coordinated in their cybersecurity efforts."

-- Ann Beauchesne, the U.S. Chamber of Commerce's vice president of national security and emergency preparedness: "Cyber threats are real, growing, and causing significant challenges for businesses. President Obama promised to make cybersecurity a top priority during the campaign. The Chamber welcomes the administration's efforts to turn a campaign promise into action."

Join the CSO newsletter!

Error: Please check your email address.

Tags white housecybersecurityUSA governmentBarack Obama

More about CDTCiscoCiscoEMC CorporationInternet Security AllianceJuniperJuniperNational Security AgencyNational Security CouncilPGP

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Grant Gross

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place