President Obama’s Take On Cyber Security

RegulationSecurity

Technology executives praised the president’s cyber-security strategy. But they liked Bush’s recipe too: what has Obama cooked up?

In 2003, President Bush issued the National Strategy to Secure Cyberspace.   Written with input from government agencies, the private sector, academia and the armed forces, it was met with rave reviews and gushing praise from the IT industry.

The plan set guidelines, avoided mandates and promised a vaguely defined cyber tsar. The result? If anything, cyber-security actually declined.

On May 29, President Obama issued his own Cyberspace Policy Review after input from virtually every federal agency and security trade group, promising guidance over mandates. A vaguely defined cyber tsar, though now called a cyber co-ordinator, will oversee Obama’s cyber-security plan.

The technology sector wasted no time in praising the effort. As the baseball playing philosopher Yogi Berra once said, “It’s like déjà vu all over again.”

Why Obama’s plan is different

Malapropisms aside, executives from Symantec, PGP, RSA, Lockheed Martin, IBM and TechGuard all claimed it will be different this time. At a press conference a few blocks from the White House following the televised event, the executives, most of whom attended Obama’s speech, gathered under the auspices of TechAmerica, one of the capitol’s top technology trade organisations.

TechAmerica President Phil Bond called Obama’s speech a “remarkable event”. Enrique Salem, Symantec’s CEO, hailed a new era of cyber-security and vowed; “We will not fall back … like before.” While Suzanne Magree, president and CEO of TechGuard Security, said that Obama’s cyber-security initiative; “…coming so early in his first term, bodes well”. IBM Chief Privacy Officer Harriet Pearson added; “Starting today, we’re all security companies.”

Of course, much the same things were said of Bush’s cyber-security plans. What’s the difference between 2003 and today? Most of the executives seem to agree it was Obama’s very public commitment. Bush didn’t televise his cyber-security plan and often went long stretches of time without even mentioning it.

“Because of the critical importance of this work, I will personally select this official,” Obama said of his cyber-security co-ordinator. “I’ll depend on this official in all matters relating to cyber-security, and this official will have my full support and regular access to me as we confront these challenges. To ensure accountability in federal agencies, cyber-security will be designated as one of my key management priorities. Clear milestones and performances metrics will measure progress.”

“Politically, he [Obama] put a lot of chips on the table,” Bond said.

Salem said the Bush administration “started us on this path, but Obama has put cyber-security on his personal agenda, and he said he would personally track progress.”

PGP CEO Phil Dunkelberger pointed to Obama’s “force of will and unity.”