cyber security

New Obama cyber czar must balance security/economic needs

After months of speculation, this promises to be the week that Washington and security experts have been waiting for – the announcement of President Obama’s cyber czar, along with a 40-page report that evaluates the government’s cybersecurity initiatives and policies, according to The Washington Post. The report is expected to take a broad-brush approach to the issue rather than delving into details, which will no doubt lead to an intense security industry debate.

Rumor is that the security adviser will report both to the National Security Council, as well as the senior White House economic adviser. And while no one is against network security, there’s a legal and political hot potato here: What role with the adviser have in protecting private-sector networks? The word “protecting” has become politically charged because the real question is what kind of authority the National Security agency will have over “protecting” private email and phone calls.
Continued »

Cyber-security policy locks down lobbyist job security

President Barack Obama promised a bipartisan effort, and in terms of his cyber-security strategy, so far the plan looks remarkably like the 2008 plan recommended by a bipartisan group of computer security experts. The focus is to protect U.S. networks from cyber attack and to increase investment and research on cyber security.

You know that means network regulation to combat cyber crime and increase computer network security, among other things. The new Administration wants to partner with industry to secure personal data stored on government and private systems, with a standard that secures data across industries.

The new Administration’s cyber-security plan hit the Whitehouse.gov website as part of a policy document on homeland security. It’s reassuring to know that the first Blackberry-carrying president believes cyber infrastructure is a strategic asset and may create a national cyber advisor who will report directly to him (hopefully in person, since cyber-impersonation is easier than anyone wants to think, according to security expert Bruce Schneier in his Crypto-Gram newsletter).

What else? The Administration wants to work with industry and academia to develop and deploy a new generation of secure hardware and software, work with the private sector to establish tough standards for cyber security and physical resilience, and a number of additional business and personal security.

Telecom industry lobbyists are no doubt loading their briefcases to make the case for what they want, as well as what they can live with. Stay tuned.