Cybersecurity continues to hit the GovCon and business press in a big way as the White House unveiled on Tuesday an updated set of proposals to address our country’s increasingly challenging cyberscape.
From a GovCon perspective, the proposed legislation seeks to encourage our industry to voluntarily share certain information with government and the Homeland Security Department’s National Cybersecurity and Communications Integration Center (NCCIC). Companies that opt-in would earn partial liability protection from lawsuits related to security breaches. The kind of information sought is “malicious reconnaissance” or a “technical vulnerability” among others. It would also call for an update to the Computer Fraud and Abuse Act (CFAA) to more precisely define the scope.
Doing more to protect citizens, companies and our country
According to the White House fact sheet, the main steps to better protect our citizens include:
- Improving consumer confidence by combating identity theft;
- Safeguarding student data in the classroom and beyond;
- Convening the public and private sector to tackle emerging privacy issues; and
- Promoting innovation by improving consumer’s confidence online.
The series of key policy initiatives were developed to address recent high-profile cybersecurity problems such as the cyber attack against Sony Pictures Entertainment, Target, Staples, as well as universities and so on. These attacks are not only having a huge financial impact on our businesses but they are negatively impacting our students and citizens. Therefore, the President is proposing a series of policy initiatives to combat these problems.
Some of the legislation proposed covers these three key areas:
- Enabling cybersecurity information sharing;
- Modernizing law enforcement authorities to combat cybercrime; and
- National data breach reporting.
The President also announced a White House Cybersecurity Summit at Stanford University on February 13th. This summit will bring together major players in cybersecurity and consumer financial protection issues, including senior leaders from the White House, federal and state government, CEO’s from various industries including financial services, technology, communications, computer security, retail, law enforcement, health care and education.
Additionally, there are several reports predicting that President Barack Obama will discuss cybersecurity as a primary message in his State of the Union address January 20.
In an interview this week with Jill R. Aitoro, senior staff reporter for the Washington Business Journal, Rob Zitz, chief systems architect at Leidos, discussed what Obama could propose and how recent events such as the Sony hack have changed the discussion.
“I think that the recent and very public attacks that have occurred have increased the awareness of those in the executive and congressional branches,” he told the publication.
Dustin Volz, of Government Executive, provided a thoughtful and thorough piece on Obama’s Cybersecurity Plan yesterday. For your convenience, that article is here.
Certainly this topic is sensitive and charged. It’s clear that something has to be done. However, there are many challenges – one of which is information sharing, which automatically sets off major alarms from privacy groups such as the ACLU.
I’d love to know how you feel about this topic.