Obama orders cybersecurity review

President Barack Obama has directed his security advisers to conduct an immediate review of the government’s cybersecurity plan, programs and activities.

Administration officials said that the interagency review would develop a “strategic framework” to ensure that the government’s cybersecurity efforts are integrated and coordinated with Congress and the private sector.

The review will take 60 days and will be done by the president’s homeland security and national security advisers. It will be led by Melissa Hathaway, who has served as senior adviser and cyber coordination executive to the Director of National Intelligence and has played a leading role in coordinating the government’s Comprehensive National Cybersecurity Initiative.

Hathaway will hold the post of acting senior director for cyberspace for the National Security and Homeland Security Councils during the review, officials said.

“The national security and economic health of the United States depend on the security, stability and integrity of our nation’s cyberspace, both in the public and private sectors," said John Brennan, assistant to the president for counterterrorism and homeland security, in a statement.

A report released in December by a panel of cybersecurity experts and lawmakers recommended Obama create a new cybersecurity directorate in the National Security Council (NSC) to develop and manage a comprehensive national security strategy for cyberspace. The panel, the Center for Strategic and International Studies’ Commission on Cyber Security for the 44th Presidency, also suggested using the United States’ approach to nuclear nonproliferation as a model for cybersecurity efforts.

James Jones, Obama’s national security adviser, told European leaders at a security conference in Munich on Feb. 8 that the NSC is evaluating how to update its “capacity to combat the proliferation of weapons of mass destruction while also placing a far higher priority on cybersecurity,” according to a transcript of his speech.

The Obama administration’s homeland security platform, released in January, calls for a national cyber adviser that would coordinate federal cybersecurity efforts and report directly to the president.

About the Author

Ben Bain is a reporter for Federal Computer Week.

Reader Comments

Thu, Feb 19, 2009 J R Washington, DC

It is my sincere hope that the new administration, which publicly espouses "Open Government", would rethink the DOD-centric and somewhat paranoid approach to cybersecurity that has been popular for the last several years. For most US agencies, the data they produce is FOR public consumption. For them, security means protecting the public's ability to access that data, NOT the protection of that data FROM public access. Most agencies have been doing security backwards for several years now. Hopefully Obama will liberate us from the neanderthal control freaks of the past administration!

Thu, Feb 12, 2009 Don O'Neill

President Obama’s Cybersecurity review might benefit from using the Resiliency Assurance Assessment questionnaire described in the Cert BSI web page entitled “Maturity Framework for Assuring Resiliency Under Stress” found at https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/business/1016-BSI.html The purpose of this article is to specify a framework for assuring the resiliency of the critical infrastructure through a management, process, and engineering framework of capabilities and solutions along with the model-based business, technical, and operational claims, arguments, and evidence useful in its assessment. As the author of the article, I urge the review team to consider not just protection but also resiliency. The base definition of resiliency is the ability to anticipate, avoid, withstand, minimize, and recover from the effects of adversity, whether natural or man-made, under all circumstances of use. This proactive approach that expands Cybersecurity focus to anticipation and avoidance may be especially useful in assessing the nation’s critical infrastructure. Don O’Neill Former President Center for National Software Studies

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above