As part of his series of State of the Union Address previews, President Barack Obama recently spoke at the National Cybersecurity and Communications Integration Center. He announced his intention to introduce new legislation to prosecute more easily cybercriminals and promote the flow of information regarding cyberthreats between the government and the private sector.
National security, economic prosperity, and individual liberties are dependent upon a secure cyberspace and an interoperable, open, reliable, and secure Internet. Critical infrastructures continue to be at risk from cyberthreats. In addition, the economy is harmed by the theft of intellectual property. The threats are constantly evolving and quite serious, but when effectively addressed, the Internet platform can remain a safe area for economic growth and freedom of safe international exchange.
Principles to Strengthen Cybersecurity
Broadband networks and the related wireless signals combine to create the cyberspace that is an integral part of and surrounds our daily lives. Classified intelligence and military networks keep us safe while the World Wide Web keeps us interconnected. These massive grids power the infrastructures of our nation. Securing the cyberspace ensures the growth of the economy of the nation and protection of our accepted way of life.
President Obama indicated that the Administration is employing the following principles in its approach to strength the cybersecurity of the nation:
- Whole-of-government approach
- Network defense first
- Protection of civil and private liberties
- Public-private collaboration
- International engagement and cooperation
Top Five Priorities for Implementing Cybersecurity
Cyberspace is as real as the risks that are associated with it. The very technologies that empower us to build and create also empower those who seek to disrupt and destroy. This unseen paradox is present and experienced on a daily basis. In this age of information, our greatest strengths can also be our largest vulnerabilities. Economic prosperity depends on cybersecurity, making it a matter of national security and public safety. Pursuing a new comprehensive approach to securing digital infrastructures must focus on five priorities and key areas, including:
- Protecting critical infrastructures from cyberthreats. Working collaboratively with critical infrastructure operators and owners ensures protection of the most sensitive infrastructures from cybersecurity threats. Working with specific industries increases the sharing of actionable threat warnings and information between the United States Government and the private sector. In addition, spreading industry-led cybersecurity best practices and standards to the more vulnerable assets and companies develops collaboration and enhances cybersecurity.
- Identify and report cyber incidents. The ability to characterize and detect cyber incidents is enhanced by improving incident reporting and response. Additionally, sharing information and responding in a timely manner further encompasses law enforcement, network defense, and intelligence collection initiatives to further understand the potential adversaries in cyberspace.
- Promote Internet freedom to build a secure, interoperable, open, and reliable cyberspace. Cyberspace crosses international boundaries. For that reason, engaging with international partners is vital to the success of the global economy. Creating incentives and a building consensus on an international environment enables recognition of the value of interoperable, open, reliable, and secure cyberspace. By opposing efforts that restrict international freedoms, we can eliminate the multi-stakeholder approach to Internet governance. This approach will also halt the imposition of bureaucratic and political layers that are unable to keep up with the speed of technological change.
- Set clear security targets to secure federal networks by holding agencies accountable for meeting the targets. Improving the security of all federal networks by setting clear targets for agencies includes holding them accountable to achieve those targets. Additionally, deploying improved technology enables rapid discovery of and response to threats of federal systems, data, and networks. In fact, the Cybersecurity Cross Agency Priority Goal outlines the leading cybersecurity preferences for protecting and guarding unclassified federal networks.
- Move beyond passwords by partnering with the private sector to shape a cyber-savvy workplace. Anticipating the future means working to develop a cyber-savvy work environment and to make cyberspace ultimately more inherently secure. Prioritizing development, research, and technology transitions and harnessing private sector innovation ensures that activities continue to respect the civil liberties, privacy, and rights of all Americans. The federal government is partnering with academia and the private sector to support and encourage the innovation needed to make cyberspace inherently more secure.
Web Hosts and Cybersecurity
Cybersecurity has been gaining prominence within the Department of Defense over the last few years, referring to it as the ultimate team sport. No one single element of the population or the government has the complete answer to the growing problem. It will take the combination of working together to come up with a solution.
New cybersecurity legislation will promote greater information sharing between the private sector and government. In addition, it will provide liability protection for companies that share information on cyberthreats. This information includes potential safeguards to ensure that the government protects civil liberties and privacy while safeguarding critical information networks. Much of the nation’s critical infrastructures, such as financial systems, pipelines, power grids, and health care systems run on public networks connected to the Internet. However, the majority are owned and operated by the private sector.
The Summit on Cybersecurity and Consumer Protection, scheduled for February 2015, will focus on addressing efforts to protect Americans and national companies from the growing threats to commercial and consumer networks. President Obama reiterated that neither the private sector nor the government can defend cyberspace alone. It must be a shared mission as partners.
For instance, if the proposed legislation passes, it will require companies in the United States to notify customers within 30 days after discovering a data breach. Currently, each state has different laws in place to respond to data breaches. This federal legislation would replace state laws to make it consistent across the country. Making it illegal to wait for months to notify customers of a data breach will limit the window of time that data thieves have to use the confidential information.
New Cybersecurity Partnerships
Cyberthreats pose an enormous challenge. For that reason, government and non-government entities must form new cybersecurity partnerships to ensure that they are working as closely together as possible. Additional steps call for modernized law enforcement, more information sharing between the public and private sectors, and updated security data breach reporting capabilities.
Top image ©GL Stock Images