By LOLITA C. BALDOR, Associated Press Writer Lolita C. Baldor, Associated Press Writer – 1 hr 17 mins ago
WASHINGTON – America has failed for too long to protect the security of its computer networks, President Barack Obama said Friday, announcing he will name a new cyber czar to press for action.
Surrounded by a slew of government officials, aides and corporate executives, Obama said the U.S. has reached a "transformational moment" when computer networks are probed and attacked millions of times a day.
"It's now clear this cyber threat is one of the most serious economic and national security challenges we face as a nation," Obama said, adding, "We're not as prepared as we should be, as a government or as a country."
He said he will soon pick the person he wants to head a new White House office of cyber security, and that person will report to the National Security Council and the National Economic Council — a nod to his contention that the country's economic prosperity depends on cybersecurity.
While the coordinator's exact title has not yet been decided, Obama addressed concerns that the person might not have the budgetary and policy-making authority needed to force change. The coordinator, he said, will have "regular access to me."
As many as a half dozen candidates — from the public and private sector — are being considered for the job, according to officials familiar with the discussions.
Obama's announcement comes as the Pentagon is poised to create a new cyber command to improve protection of military networks and coordinate its offensive and defensive cyber missions.
Government officials have grown increasingly alarmed as U.S. computer networks are repeatedly assailed by attacks and scams, ranging from nuisance hacking to more nefarious probes and attacks, including suspicions of cyber espionage by other nations, such as China. Officials earlier this year revealed there was an attack against the electrical grid, and computers at the Pentagon were infected by a virus.
Even the president was a victim.
Obama said his presidential campaign's own computer system was attacked last year, and hackers gained access to e-mails and filed, but not to contributors or financial information.
"It was a powerful reminder: In this Information Age, one of your greatest strengths — in our case, our ability to communicate to a wide range of supporters through the Internet — could also be one of your greatest vulnerabilities," said Obama.
Laying out a broad five-point plan, the president said the U.S. must provide the education required to keep pace with technology and attract and retain a cyber-savvy work force. He called for a new education campaign to raise public awareness of the challenges and threats related to cyber security.
The newly interconnected world offers great promise, but it also presents significant peril, the president said, declaring: "Cyberspace is real, and so are the risks that comes with it."
He assured the business community, however, that the government will not dictate how private industry should tighten digital defenses. And he made it clear that the new cyber security effort will not involve any monitoring of private networks or individual e-mail accounts.
The Internet, he said, should remain open and free.
Corporate leaders and cyber experts, however, say they are concerned that the new coordinator will not wield enough power to force reluctant government agencies to put aside turf wars or dictate how they spend the millions of dollars the U.S. pours into its digital budgets.
"Placing a strategy "czar" in the White House will hinder Congress' ability to effectively oversee federal cybersecurity activities and will do little to resolve the bureaucratic conflicts, turf battles, and confusing lines of authority that have undermined past cybersecurity efforts," said Sen. Susan Collins of Maine, the top Republican on the Homeland Security and Governmental Affairs Committee.
Experts expressed similar reservations.
"I expect that a position that has a lesser role, that doesn't have budget authority, that is reporting up through the NEC, would probably not result in the kinds of changes that really need to be made," said Gene Spafford, computer security expert and professor at Purdue University, where candidate Obama first pledged last year to make cyber a priority.
Obama said the coordinator will work with the Office of Management and Budget to ensure that agencies reflect the spending priorities needed.
Overall, computer company executives and members of Congress hailed Obama's announcement as a good first step, while warning that there is much hard work still to be done.
"Because the private sector owns and operates the vast majority of our nation's critical infrastructure, government and business have a shared responsibility to defend our networks," said Ann Beauchesne, vice president of national security at the U.S. Chamber of Commerce.
Friday, May 29th, 2009 at 10:00 am
Securing Our Digital Future
White House cyber report: http://www.whitehouse.gov/CyberReview
Melissa Hathaway, Cybersecurity Chief at the National Security Council, discusses securing our nation's digital future:
The globally-interconnected digital information and communications infrastructure known as cyberspace underpins almost every facet of modern society and provides critical support for the U.S. economy, civil infrastructure, public safety and national security. The United States is one of the global leaders on embedding technology into our daily lives and this technology adoption has transformed the global economy and connected people in ways never imagined. My boys are 8 and 9 and use the Internet daily to do homework, blog with their friends and teacher, and email their mom; it is second nature to them. My mom and dad can read the newspapers about their daughter on-line and can reach me anywhere in the world from their cell phone to mine. And people all over the world can post and watch videos and read our blogs within minutes of completion. I can’t imagine my world without this connectivity and I would bet that you cannot either. Now consider that the same networks that provide this connectively also increasingly help control our critical infrastructure. These networks deliver power and water to our households and businesses, they enable us to access our bank accounts from almost any city in the world, and they are transforming the way our doctors provide healthcare. For all of these reasons, we need a safe Internet with a strong network infrastructure and we as a nation need to take prompt action to protect cyberspace for what we use it for today and will need in the future.
Protecting cyberspace requires strong vision and leadership and will require changes in policy, technology, education, and perhaps law. The 60-day cyberspace policy review summarizes our conclusions and outlines the beginning of a way forward in building a reliable, resilient, trustworthy digital infrastructure for the future. There are opportunities for everyone—individuals, academia, industry, and governments—to contribute toward this vision. During the review we engaged in more than 40 meetings and received and read more than 100 papers that informed our recommendations. As you will see in our review there is a lot of work for us to do together and an ambitious action plan to accomplish our goals. It must begin with a national dialogue on cybersecurity and we should start with our family, friends, and colleagues.
We are late in addressing this critical national need and our response must be focused, aggressive, and well-resourced. We have garnered great momentum in the last few months, and the vision developed in our review is based on the important input we received from industry, academia, the civil liberties and privacy communities, others in the Executive Branch, State governments, Congress, and our international partners. We now have a strong and common view of what is needed to achieve change. Ensuring that cyberspace is sufficiently resilient and trustworthy to support U.S. goals of economic growth, civil liberties and privacy protections, national security, and the continued advancement of democratic institutions requires making cybersecurity a national priority.
No comments:
Post a Comment