President Takes Action On Cybersecurity

President Obama today unveiled a “Cybersecurity National Action Plan.” The administration’s proposed budget includes $19 billion for cybersecurity spending, $3 billion of which will be devoted to updating agency systems. The plan includes the creation of a Federal Chief Information Security Officer to guide the implementation of increased security across the federal government and reside within the Office of Management and Budget. President Obama also issued two executive orders. The first establishes the Commission on Enhancing National Cybersecurity within the Department of Commerce to be composed of technology, national security, and business leaders. The Commission is charged with developing by December 1, 2016 “detailed recommendations to strengthen cybersecurity in both the public and private sectors.” The second requires the establishment of a Senior Agency Official for Privacy at each agency and creates the Federal Privacy Council as “the principal interagency forum to improve the Government privacy practices of agencies and entities acting on their behalf.” The OMB Director will be chair of the Federal Privacy Council, which will have the focus of coordinating internal agency policies.

President Obama announced these and other changes in an op-ed published in the Wall Street Journal, where he stated that “cyberthreats are among the most urgent dangers to America’s economic and national security.” His proposed budget focuses on recruiting “the best talent from Silicon Valley and across the private sector.” The President highlighted the Center for Excellence (established yesterday), which will facilitate government-private sector collaboration and establish a “national testing lab, where companies can test their security systems’ security under simulated attack.” President Obama stated that he is encouraging the private sector to move away from single-factor passwords to biometrics and two-factor authentication. With these changes, the President stated he is focused on “protecting America’s digital infrastructure.”