With cyberattacks looming large as the nation’s No. 1 security threat, President Obama recently unveiled the Cybersecurity National Action Plan (CNAP) — a $19 billion initiative to update cybersecurity measures, boost the number of college students pursuing careers in cybersecurity, streamline federal computer networks, and certify Internet-connected devices as secure.
The plan also includes measures to establish a Commission on Enhancing National Cybersecurity and a Federal Privacy Council, which will oversee how government entities are storing Americans’ personal data. It also will create the position of Chief Information Security Officer.
In announcing the changes, Michael Daniel, cybersecurity coordinator for the Obama administration, said, “I’m confident that if we take these steps, we can make a different and substantially improve our cybersecurity both now and in the long run.”
Under the CNAP, the measures will be implemented to address the “fastest growing crime in America” — identity theft, the government said in a release. “Our innovators and entrepreneurs have reinforced our global leadership and grown our economy, but with each new story of a high-profile company hacked or a neighbor defrauded, more Americans are left to wonder whether technology’s benefits could risk being outpaced by its costs.”
While the government is taking steps to address the issue, it also noted that it would need to work with private corporations to tackle cyber attacks because of their complexity. The initiative is calling upon “strategic, business, and technical thinkers from outside of government to study and report on what more we can do to enhance cybersecurity awareness and protections, protect privacy, maintain public safety as well as economic and national security, and empower Americans to take better control of their digital security.”
Here are some of the highlights of the CNAP:
Establish the Commission on Enhancing National Cybersecurity. The commission will include top strategic, business, and technical thinkers from outside of government to advise on matters related to cybersecurity.
Modernize government IT. About $3.1 billion in funds will be designated for the retirement, replacement and modernization of legacy IT. Also, the funds will support the new position of a Federal Chief Information Security Officer.
Empower Americans to secure their online accounts. This initiative will add an extra layer of security — moving beyond just using passwords. The multi-factor authentication could include adding factors such as fingerprints or single use codes delivered in text messages to enhance security.
Promote cybersecurity as a career. Establish a CyberCorps Reserve program that will give scholarships to students studying cybersecurity — in exchange for several years of government service. It also will expand loan forgiveness for those who go on to become federal cybersecurity employees.