RSA Conference: White House declassifies U.S. cybersecurity initiative detailsIn an effort to increase government transparency, the Obama administration has declassified U.S. cybersecurity policy details, Howard Schmidt, the newly appointed White House cybersecurity coordinator, announced during a keynote speech Tuesday at the RSA Conference in San Francisco.
The Obama administration on Tuesday declassified a summary of the Comprehensive National Cybersecurity Initiative (CNCI), a highly secretive program that began in 2008 under the Bush administration to help secure the United States in cyberspace.
Schmidt (left) said the information was declassified after individuals raised “legitimate” questions about sensitive topics, such as the role of the intelligence community and private industry in cybersecurity. The declassified information should allow Americans to better partner with government on cybersecurity issues, he said.
“Transparency and partnership are terms that need to go hand in hand,” Schmidt said. “In order to be successful against today's cybersecurity threats, we must continue to seek out innovative new partnerships — not only within government, but also among industry, government and the American public."
The newly released document states that the three primary goals of the CNCI are to establish a front line of defense against today's immediate threats, to defend against the full spectrum of threats, and to strengthen the future cybersecurity environment.
To achieve these objectives, the CNCI includes 12 programs to reduce the number of external access points to federal government, means to deploy intrusion detection and prevention systems across the federal government, to coordinate research and development, and develop a cybersecurity workforce.
Also, the CNCI calls for initiatives to connect government cyber-operation centers to facilitate information-sharing about malicious activities against federal systems, develop and implement government-wide cyber counterintelligence, increase the security of classified networks and define and develop new cybersecurity technology, strategies and programs, as well as deterrence strategies.
In addition, the CNCI consists of initiatives to develop an approach for global supply chain risk management and ways to define the federal government's role for improving the cybersecurity of critical infrastructure domains.
Schmidt said President Obama has determined that the CNCI and its associated activities will be part of a broader, updated U.S. cybersecurity strategy. The CNCI initiatives will help support the achievement of the recommendations set forth in Obama's Cyberspace Policy Review.