White House Cybersecurity Chief Reflects on First Two Months

Last updated: 19 March 2014

Cybersecurity and the White House have been in the news for the past week after the Obama administration’s cybersecurity bill was blocked in the Senate on August 2nd, despite the president taking to the blogosphere to air his concerns about digital terrorism only a fortnight before. Despite this setback, the U.S. government is still working hard on many cybersecurity initiatives right now.

As you may remember, last May, Michael Daniel stepped in as President Obama’s cybersecurity adviser, replacing the long-time chief Howard Schmidt. This week U.S. Cybersecurity Chief Michael Daniel took to the White House blog to talk about cybersecurity initiatives and his first two months in his position.

Daniel says that cybersecurity “is a cross-cutting problem, affecting not only all federal agencies, but also state and local governments, the private sector, non-governmental organizations, academia, and other countries. It is a national security, homeland security, economic security, network defense, and law enforcement issue all rolled into one. As a result, it takes a truly cross-cutting response to address the problem, with the public and private sector working collaboratively.”

To stress the ways collaboration can help strengthen cybersecurity, Daniel outlined four different programs that use voluntary and cooperative actions:

  • The Defense Industrial Base (DIB) Cybersecurity/Information Assurance (CS/IA) program helps companies protect critical information related to Department of Defense programs and missions. The government shares cybersecurity threat and mitigation information with DIB companies, and in turn, DIB companies can report known intrusions.
  • The National Strategy for Trusted Identities in Cyberspace (NSTIC) seeks an “Identity Ecosystem” where individuals will soon be able to choose from a variety of more secure, convenient and privacy-enhancing technologies in lieu of passwords when they log in to different websites.
  • The Electric Sector Cybersecurity Capability Maturity Model helps firms in the electric sector evaluate and strengthen their cybersecurity capabilities; it also enables the prioritization of network protection investments. This White House-initiated effort, led by the Department of Energy and in coordination with Department of Homeland Security, provides valuable insights to inform investment planning, research and development, and public-private partnership efforts in the electric sector.
  • In End-User Cybersecurity Protection, the government is participating in four linked initiatives across the IT industry, law enforcement, the financial sector, and government to counter the threat of malicious software – known as ‘bots.’ This voluntary, public-private effort ties together the capabilities of different sectors to identify compromised computers and help their owners fix them.

I like the term that Daniel uses – “cross-cutting”— to describe the United States’ cybersecurity problem.  It’s not a problem that can be solved by legislation and federal government action alone.  Efforts need to be made by all parties involved including in the private sector at Gemalto, our partners, and our customers.

In particular, Gemalto will be doing its part to cooperate and collaborate for stronger cybersecurity by lending a helping hand to the NSTIC.  As a member of the Identity Ecosystem Steering Group, we will start developing Ecosystem standards and policies next week at the initial meeting.

As a part of NSTIC from the beginning, we can’t wait to get started.