Grading the President’s SOTU Cybersecurity Agenda

In the wake of the furor over the Sony Pictures attack, President Obama came out swinging in his State of the Union speech earlier this week. Not to be outdone, Senator Joni Ernst (R-Iowa) included a cybersecurity-centric sentence or two in the Republican’s response.

Yup, the President is finally rolling up his sleeves and proposing some Federal cybersecurity initiatives but are these the right actions? Allow me to offer my two cents by grading each of the proposals.

  1. Increased security/threat intelligence between the public and private sector (Grade = B-).  This is a new spin on the old “public/private partnership” that arises from time to time across a myriad of areas. Furthermore, Congress has been wrangling over this for the past few years – first with the Cyber Intelligence Sharing and Protection Act (CISPA) and more recently the Cybersecurity Information Sharing Act (CISA). 
Topics: Cybersecurity state of the union president obama

What President Obama CAN Do About Cybersecurity

When it comes to cybersecurity and public policy, I’m as big a cynic as anyone. Why? From a historical perspective, cybersecurity issues were first recognized during the Bush administration (41, not 43). Over the subsequent 20+ years we’ve experienced misinformed rhetoric, overlapping agendas, and inaction, but little meaningful progress.

Now I realize the President has some higher priority issues to deal with and that cybersecurity is neither sexy nor universally understood. That said, however, there is no denying that things are getting progressively worse. Just this week, congressman Mike Rogers (R, Michigan), stated that he believed that 95% of private sector networks are vulnerable and most have already been attacked.

Topics: Cybersecurity Information and Risk Management Security and Privacy federal government state of the union president obama