Obama's cybersecurity plan by IanKnott


									Obama's cybersecurity plan gets cautious praise                                      http://www.computerworld.com/action/article.do?command=printArticle...

          Obama's cybersecurity plan gets cautious praise
          The challenge will be to get various interests working together
          Jaikumar Vijayan

          May 29, 2009 (Computerworld) President Obama's plan for securing cyberspace and his creation of a new
          White House cybersecurity coordinator are being greeted with cautious optimism within the security industry.
          Many see the strategy as a sign of the administration's willingness to recognize cyber threats as a national
          security issue. But until details are fleshed out, it's hard to know just how far it will go in bolstering the nation's
          ability to deal with cyber attacks, they said.
          At a White House briefing, Obama described a five-pronged cybersecurity strategy for defending government,
          military and private sector networks against threats from what he said is a growing number of bad actors. He
          noted that the new cybersecurity coordinator will be responsible for pulling together a national strategy for
          securing American interests in cyberspace
          and stressed that the government would
          safeguard privacy concerns. (The new
          office will include a privacy officer.)
          Obama's proposals had been widely
          expected and are based on the
          recommendations from a government-wide
          review of cybersecurity undertaken at his
          behest by Melissa Hathaway, a former Bush
          administration aide who he appointed as
          acting senior director for cyberspace earlier
          this year.
          "I was encouraged see that the [Hathaway]
          report got presidential support today --
          that's critical to the success of any
          program," said Patricia Titus, the one-time
          chief information security officer at the
          Transportation Security Administration
          (TSA) who now holds a similar job at Unisys
          The challenge for the Obama Administration is to actually implement the proposals in a meaningful way, Titus
          said. A lot will depend on the relationships the new cybersecurity coordinator can build and the kind of
          influence he or she can exert across government and the private sector, she said.
          While centralizing authority for cybersecurity matters in the White House can have benefits, care needs to be
          taken to maintain a balance of power, she said. "We need to make sure that no one is pushing the red panic
          button without making sure there are other individuals in the decision-making process and at the appropriate
          levels to get input from," she said.
          Obama did a "great job" of summarizing the cybersecurity threats the nation faces and the approach that's
          needed to resolve them, said Scott Charbo, former deputy undersecretary of the National Protection and
          Programs Directorate at the Department of Homeland Security (DHS).
          Especially encouraging is the president's focus on setting specific milestones and on ensuring accountability
          within government, said Charbo, who is currently director of cybersecurity at Accenture. Obama's apparent
          plan to give the new cybersecurity coordinator a greater say in ensuring that federal agencies are investing
          adequate resources on cybersecurity is also a very positive step, he said. But successfully moving forward on

1 of 2                                                                                                                                  6/1/2009 10:14 AM
Obama's cybersecurity plan gets cautious praise                                   http://www.computerworld.com/action/article.do?command=printArticle...

          a White House-led cybersecurity effort will require a "cultural transformation" by government agencies.
          "I think everyone is anxious to understand who the cybersecurity coordinator will be," Charbo said. "It needs
          to be someone who can listen to new ideas. It needs to be someone who is focused on outcomes and on
          Ensuring that all of the right players are at the table when developing a national cybersecurity strategy will be
          key, added Billy O'Brien, former White House director of cybersecurity and communications systems policy.
          O'Brien is now an analyst at Deloitte.
          To date, government officials, defense organizations and the DHS have all been working on disparate
          missions when it comes to cybersecurity. Getting everyone working together can be a challenge, he said.
          The mission of the intelligence community, for instance, is to intercept an attack using the cyber
          infrastructure; the DHS is supposed to protect critical infrastructure; the Department of Defense has defense-
          and-attack authority; and the White House has coordination authority. The question that will need to be asked
          is whether "all of the right players are at the table or if there is a need to add more," O'Brien said.
          Also key: figuring out how to ensure that the private sector is "holding up [its] end of the deal" when it comes
          to the critical infrastructure in private hands, he said.
          Enrique Salem, the CEO of Symantec Corp. , said in a statement that the decision to re-establish a strong
          White House role for cybersecurity is "gratifying." The last executive to have a cybersecurity role in the
          executive offices of the president was Richard Clarke, who was special advisor on cybersecurity to President
          George W. Bush when he retired in 2003.
          In the six years since, cyber security oversight and involvement has moved from the White House to other
          government agencies, even as cyber attacks have grown to the point where they are now a "full-blown threat
          to national security and commerce," Salem said.
          "The coordination must come from the White House level to address the situation and to provide focus on the
          global nature of this problem," he said.

2 of 2                                                                                                                               6/1/2009 10:14 AM

To top