Obama Says New Cyberczar Won’t Spy on the Net
Following months of rumors, President Barack Obama confirmed Friday that the White House will be creating a new office to be led by a cybersecurity czar. The office will be in charge of coordinating efforts to secure government networks and U.S. critical infrastructures.
Obama was quick to add that the new White House cybersecurity office would include an official whose job is to ensure that the government’s cyber policies don’t violate privacy and civil liberties of Americans. He also reaffirmed his support for the principle of net neutrality.
“Our pursuit of cybersecurity will not include — I repeat, will not include — monitoring private sector networks or internet traffic,” he said. “We will preserve and protect the personal privacy and civil liberties that we cherish as Americans. Indeed, I remain firmly committed to net neutrality so we can keep the internet as it should be, open and free.”
The White House cybersecurity czar, who has not been named yet, will report to the National Security Council and the National Economic Council, putting the position one rung lower in the executive branch hierarchy than many security experts had hoped for. Speculators predicted the czar would report directly to the president, which would have helped insulate the office from agency turf battles.
But in his address on Friday, Obama said the new cybercoordinator will have “my full support and regular access to me as we confront these challenges.”
The czar will be responsible for orchestrating and integrating all cybersecurity policies for the government, working with the Office of Management and Budget to ensure that agencies have money allocated for cybersecurity priorities, and coordinating the government’s response to a major cyber incident or attack.
“From now on our digital infrastructure, the networks and computers we depend on every day, will be treated as they should be — as a strategic national asset,” Obama said. “Protecting this infrastructure will be a national security priority. We will ensure that these networks are secure, trustworthy and resilient. We will deter, prevent, detect and defend against attacks and recover quickly from any disruptions or damage.”
In conjunction with Obama’s briefing the White House released a report on a 60-day review of the nation’s cybersecurity efforts (.pdf), which Obama had ordered shortly after taking office in January. The report was conducted by acting White House cybersecurity chief Melissa Hathaway, who is considered a front runner for the permanent czar job.
As part of that review, Obama announced plans for a public awareness campaign to increase cybersecurity literacy among children and the general public and to support educational programs to develop technological and cybersecurity expertise. The latter is needed “to ensure a technologically advanced workforce in cybersecurity and related areas, similar to the United States’ focus on mathematics and science education in the 1960s,” the White House said in a statement.
The White House also acknowledged the need for the government “to facilitate programs and information sharing on cybersecurity threats, vulnerabilities, and effective practices across all levels of government and industry” and to coordinate responses to cyber attacks between government and private industry.
Obama did not address a separate plan that is rumored to be in the works to secure U.S. military networks. The Wall Street Journal reported last month that the Pentagon plans to create a separate military cyber command that will be responsible for securing military computers and coordinating cyber offensive attacks. The cyber command would be a subdivision of the U.S. Strategic Command and would be headed by Lt. General Keith Alexander, who currently heads the National Security Agency.
Last March, Rod Beckstrom, the Department of Homeland Security’s cybersecurity chief, abruptly resigned over concerns that the NSA was angling to take control of cybersecurity duties. But last month, at the RSA Security conference in San Francisco, Alexander insisted the NSA had no interest in overseeing cybersecurity but was interested in coordinated efforts with DHS, which is responsible for securing non-military government networks.