Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

White House Should Lead Broad Cybersecurity Effort: Panel

The White House should lead a broad cybersecurity effort with the private sector to guard against potentially crippling attacks and boost confidence in the digital economy, a presidential commission said Friday.

The White House should lead a broad cybersecurity effort with the private sector to guard against potentially crippling attacks and boost confidence in the digital economy, a presidential commission said Friday.

The panel created by President Barack Obama in 2013 delivered a 90-page set of recommendations, noting that most would need to be carried out by incoming President-elect Donald Trump.

“It is critical that the next president and his administration and Congress begin immediately to tackle each one of the issues raised in this report,” the panel said.

“The commission considers this report a direct memo to the next president. The recommendations reflect what the commissioners believe are the highest-priority actions to take. Some recommendations call for actions within the first 100 days of the new administration.”

The report comes amid a wave of cyber attacks that have compromised data on tens of millions of US government employees, Yahoo users and other online services, and major companies such as Sony Pictures.

There are also concerns about risks to networks that control critical infrastructure such as electric grids and water systems.

The election campaign itself was also roiled by concerns about cyber attacks said to come from Russia.

The Commission on Enhancing National Cybersecurity, headed by former US national security adviser Thomas Donilon and former IBM chief Samuel Palmisano, called for a wide range of actions from both the public and private sector, while arguing that the White House has a responsibility to lead the efforts.

Advertisement. Scroll to continue reading.

“We need to recognize that neither the government nor the private sector can capably protect systems and networks without extensive and close cooperation,” the report said.

The panel called for better public-private cooperation but said that “the government is — and should remain — the only organization with the responsibility and, in most cases, the capacity to effectively respond to large-scale malicious or harmful activity in cyberspace caused by nation-states.”

Specifically, it said the private and public sectors “should collaborate on a roadmap for improving the security of digital networks,” which can protect against so-called denial-of-service attacks that can shut down systems.

“The administration should focus first on mitigating and, where possible, eliminating denial-of-service attacks, particularly those launched by botnets,” the report said, referring to networks of web-connected machines that can be manipulated with malware.

Mobile security, passwords

Because of the growth in use of mobile devices, cybersecurity efforts should also focus on protecting against disruption of wireless communications, the panel said.

The government should prioritize efforts to guard against any attacks on the global positioning system (GPS) and have contingency plans if these systems fail, the report said.

ne of the ways to guard against attacks is stepping up identity verification — which could be helped by moving away from passwords which are often stolen and used by hackers.

The panel also called for creation of a new civilian agency to lead cybersecurity and critical infrastructure protection, a new cybersecurity awareness campaign and the “equivalent of a cybersecurity ‘nutritional label’” for tech products and services.

Obama, in a statement, called the recommendations “thoughtful and pragmatic” and said his administration “will take additional action wherever possible” before he leaves office next month.

He said he asked the panel to brief the Trump transition team “at their earliest opportunity.”

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem