Recap of White House Cybersecurity Efforts
- By Ginger Hill
- Jan 14, 2015
Twitter has been abuzz with comments to and from President Obama relating to cybersecurity and how to better digitally protect America against the growing number of cyber-related threats. Here are the ways in which Obama proposes we, America, fight against cyber threats:
Enable cybersecurity information sharing: Encourage the private sector to share cyber threat information with the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) who will in turn share the information as close to real-time as possible to relevant federal agencies.
In addition, this legislation encourages forming private-sector led Information Sharing and Analysis Organizations to help keep American’s personal data safe by requiring compliance with privacy restrictions.
This is to complement existing relationships between the government and private sector.
Modernize law enforcement authorities: Allow for the prosecution of the sale of botnets, make the overseas sale of stolen U.S. financial data a criminal offense, allow federal law enforcement to deter the sale of spyware for use of stalking or ID theft, give authority to courts shut down botnets engaged in criminal activity.
National data breach reporting: Simplify and standardize the reporting process for each state that requires consumers to be notified by businesses that suffer intrusions to consumers’ personal information by making this requirement a federal statute.
“Companies that have lost sensitive customer information in a data breach should be legally required to inform their customers,” said Stina Ehrensvard, CEO and founder, Yubico. “This is an important step for continued trust for the Internet, and for the companies that have been affected, as this information will be out on the Internet sooner or later anyway.”
Reporting does seem to help build trust, establishing a “we’re-in-this-together” mentality, but what about stolen data and online identities? Ehrensvard suggests that the U.S. government use the FIDO U2F open standard.
“Security is never stronger than its weakest link, and in many IT-systems it is the username/password login,” said Ehrensvard. “To protect Internet users and data, the U.S. government should follow the leading Internet services and thought leaders, and more actively drive implementation of simple and strong two-factor authentication. The FIDO U2F open standard was designed to address this need, and is proven today with global users.”
Ginger Hill is Group Social Media Manager.