Big News of the Day
The administration's Cyberspace Policy Review is out. NextGov will have more later, but the document is up on the White House site, and from the beginning, its conclusions are somewhat grim:
The architecture of the Nation's digital infrastructure, based largely upon the Internet, is not secure or resilient. Without major advances in the security of these systems or significant change in how they are constructed or operated, it is doubtful that the United States can protect itself from the growing threat of cybercrime and state-sponsored intrusions and operations. Our digital infrastructure has already suffered intrusions that have allowed criminals to steal hundreds of millions of dollars and nation-states and other entities to steal intellectual property and sensitive military information. Other intrusions threaten to damage portions of our critical infrastructure. These and other risks have the potential to undermine the Nation's confidence in the information systems that underlie our economic and national security interests.
The Federal government is not organized to address this growing problem effectively now or in the future. Responsibilities for cybersecurity are distributed across a wide array of federal departments and agencies, many with overlapping authorities, and none with sufficient decision authority to direct actions that deal with often conflicting issues in a consistent way. The government needs to integrate competing interests to derive a holistic vision and plan to address the cybersecurityrelated issues confronting the United States. The Nation needs to develop the policies, processes, people, and technology required to mitigate cybersecurity-related risks.
COMMENTS
Post a Comment
By using this Service you agree not to post material that is obscene, harassing, defamatory, or otherwise objectionable. Although GovExec does not monitor comments posted to this site (and has no obligation to), it reserves the right to delete, edit, or move any material that it deems to be in violation of this rule.
ABOUT THIS BLOG
Government Executive Staff Correspondent Alyssa Rosenberg takes a look at news affecting the management and operations of the massive federal bureaucracy.
Well probably good idea of the President to have a clean slate review of how Executive Branch does or does not deal with cyber security policy, development, and implementation. Always remember that the regulatory authority and standard setting authority of the federal government for cybe security is questionable or in my opinion almost non-existent. The feds can set standards for their own systems, no doubt and because of contracting clauses can achieve much. What is interesting is that this reports really documents how little has been done civil or military on cyber security since the origins of the problem. And one of the finest pieces of this document is the historical summary. Once example is reference to EO 12472 for example. The report might also have referenced the implementing regulations at 47 CFR Parts 201-212. Not sure what that EO has not been comprehensively revised since it relies in part on a repealed statute the Federal Civil Defense Act of 1950 (Public Law 81-920 [to use the modern citation system]! FEMA wrote all federal departments and agencies and the Executive Offices of the White House telling them of the repeal of that statute by Public Law 103-337!
William R. Cumming Posted Saturday, May 30, 2009 11:10 AMAlso not sure how the White House Resilency directorate and cyber security operation will relate if at all to each other. I would really like to have made public the 80 legal issues that are apparently being researced and wonder if any conclusions of that legal research will have an impact on conclusions of the report? Hey good luck to whomever gets the portfolios described because it looks to me like tough going! But at the end of the tunnel it also looks like cyber security is the next bubble sector of the economy since housing seems gone for good in that arena.