In a keynote address to the US RSA Conference 2010 in San Francisco, President Obama's cyber security advisor Howard Schmidt _ labelled by media as the US's first cyber czar' _ announced a 10-point action plan with specific short-term actions aimed at bolstering US cyber security. It was Schmidt's first keynote speech since being appointed by Obama last December.
The Comprehensive National Cybersecurity Initiative (CNCI) aims to "improve our resilience to cyber incidents, and to reduce the cyber threat", said Schmidt. Priorities are ensuring the "resilience" of federal government networks and ensuring that private-sector partners also have sufficiently secured systems and networks. Schmidt stressed the US government would itself not be responsible for securing private networks, but that it would look to enhance public-private partnerships in order to provide a more comprehensive and co-ordinated response to cyber threats.
The issue of cybersecurity has moved up the agenda in the last year in the US, especially with the recent alleged attacks on Google and Adobe. As previously reported on by Security International, public-private partnerships are a key theme in initiatives being pursued by governments worldwide. Schmidt acknowledged that such partnerships are essential in underpinning US cybersecurity, as is "government-to-government" international co-operation.
Schmidt said: "We all know that collaboration is important, and we recognise that the government and industry need to work together. These vulnerabilities are shared, so we need to work together. In order to be successful, we must seek new and innovative partnerships, with government, industry, academia, and the public. Working together is the most powerful tool we have."
US cybersecurity plan
The details of the US cyber security plan as detailed in the CNCI are as follows:
1. Appoint a cybersecurity policy official responsible for coordinating the Nation's cybersecurity policies and activities.
2. Prepare for the President's approval an updated national strategy to secure the information and communications infrastructure.
3. Designate cybersecurity as one of the President's key management priorities and establish performance metrics.
4. Designate a privacy and civil liberties official to the NSC cybersecurity directorate.
5. Conduct interagency-cleared legal analyses of priority cybersecurity-related issues.
6. Initiate a national awareness and education campaign to promote cybersecurity.
7. Develop an international cybersecurity policy framework and strengthen our international partnerships.
8. Prepare a cybersecurity incident response plan and initiate a dialog to enhance public-private partnerships.
9. Develop a framework for research and development strategies that focus on game-changing technologies that have the potential to enhance the security, reliability, resilience, and trustworthiness of digital infrastructure.
10. Build a cybersecurity-based identity management vision and strategy, leveraging privacy-enhancing technologies for the Nation.
For further details visit www.whitehouse.gov/administration/eop/nsc/cybersecurity
Source - Security International's US Correspondent