U.S. President Barack Obama will appoint a government-wide cybersecurity coordinator and elevate cybersecurity concerns to a top management priority for the U.S. government, he announced Friday.
The White House will also develop a new, comprehensive national cybersecurity strategy, with help from private experts, and it will invest in “cutting edge” cybersecurity research and development, Obama said in a short speech.
The U.S. government, businesses and utilities face cyberattacks constantly, Obama said. “It’s now clear that this cyberthreat is one of the most serious economic and national security challenges we face as a nation,” he said. “It’s also clear that we’re not as prepared as we should be, as a government, or as a country.”
Attacks are coming from organized criminals, industrial spies, terrorists and foreign intelligence services, Obama said. “In today’s world, acts of terror can come not only from a few extremists in suicide vests, but from a few keystrokes on a computer — a weapon of mass disruption,” he added.
U.S. military dominance, safety and economic security are at risk unless the nation can better secure cyberspace, Obama said.
A review of the U.S. government’s cybersecurity efforts accompanied Friday’s announcement. As well as recommending a national coordinator, the review also calls for the U.S. government to conduct a large cybersecurity education campaign, to better work with private businesses on cyberincident response and to establish performance metrics for cybersecurity improvement
“Protecting cyberspace requires strong vision and leadership and will require changes in policy, technology, education, and perhaps law,” Melissa Hathaway, cybersecurity chief at the U.S. National Security Council, wrote in an explanation of the report. “As you will see in our review there is a lot of work for us to do together and an ambitious action plan to accomplish our goals. It must begin with a national dialogue on cybersecurity and we should start with our family, friends, and colleagues.”
The U.S. government has “garnered great momentum” on cybersecurity in recent months, Hathaway added. This year, several lawmakers have called for the government to focus more on cybersecurity, with legislation introduced that would create a national coordinator and create penalties for private organizations that do not protect their data.
Several of the report’s recommendations are similar to ones from think tank the Center for Strategic and International Studies’ (CSIS), which convened an all-star commission last year to make cybersecurity recommendations to the new president. The CSIS report recommended a national cybersecurity coordinator in the White House and a new national cybersecurity policy, as well as an increase in cybersecurity research.
Several groups praised the report and Obama’s focus on cybersecurity.
Edward Mueller, chairman and CEO at Qwest Communications, in a statement, called the report an “important first step toward creating a safe cyber environment.”
“Qwest has long supported the ongoing federal government focus on cybersecurity,” added Mueller, who also serves as chairman of Obama’s National Security Telecommunications Advisory Committee. “We have worked actively with the government and industry on issues associated with protecting our networks and the information that flows through them. This collaborative approach will continue to be necessary to ensure that the administration’s goals of leadership, education, shared responsibility, effective response, and continued innovation in the cybersecurity arena are meaningful and actionable.”
U.S. Representative Bennie Thompson, a Mississippi Democrat and chairman of the House Committee on Homeland Security, also applauded the report.
“This is a thoughtful review and I agree with many of its findings,” he said in a statement. “Now is the time for action. I plan to work closely with the Administration to improve our nation’s cybersecurity posture. The president’s decision to address this issue sends a clear message to our adversaries that the United States will no longer tolerate attacks against our federal or critical infrastructure networks, and we are prepared to defend these networks by all means necessary.”