The White House is building on recent laws addressing cybersecurity in the United States with the release of a new Cybersecurity National Action Plan (“CNAP”). The plan focuses on:
- improving cybersecurity awareness and protections;
- additional privacy and security protections for individuals through the creation of a permanent Federal Privacy Council;
- maintenance of public safety, economic security and national security through a new Commission on Enhancing National Security; and
- encouraging citizens to take better control of their digital information and security.
CNAP includes a request to Congress to invest over $19 billion for the 2017 Fiscal Year Budget, which is a 35% increase to resources allocated to cybersecurity during FY 2016.
The plan is highlighted by a new Commission on Enhancing National Security (“Commission”). The Commission will be comprised of top technical, strategic, and business advisors in the private sector chosen by bipartisan Congressional leadership. It will make detailed recommendations to improve cybersecurity awareness both inside and outside the government. The Commission will also make specific findings about improving national security and empowering citizens to better handle their digital security. These recommendations and findings must be reported to the President before the end of this year.
The White House looks to make significant improvements in government cybersecurity as part of a $3.1 billion Information Technology Modernization Fund, which will allow agencies to modernize outdated IT infrastructure, networks and systems. A new Federal Chief Information Security Officer will be solely dedicated to developing, managing, and coordinating cybersecurity policies, strategies and operations in the federal government. The Department of Homeland Security will have new federal civilian cyber defense teams to protect associated networks, systems and data. The plan also calls for disrupting cyberattacks and improving cyber incident response.
CNAP’s concern for citizens’ privacy and security is reflected in an Executive Order making the Federal Privacy Council permanent. Privacy officials from across the government will help ensure that more strategic and comprehensive federal privacy guidelines are implemented. The Administration wants citizens to leverage multiple layers of authentication when logging into online accounts instead of just a password. Extra factors like a fingerprint or a single use code via text message are ways to improve online security. The federal government is accelerating adoption of this approach for citizen-to-government digital services, such as tax and health benefit information. The White House’s new milestones for the 2014 BuySecure Initiative will build upon the already 2.5 million issued Chip-and-PIN payment cards.
Research and development will continue to be a focus with a new Federal Cybersecurity Research and Development Strategic Plan. The strategic plan outlines research and development goals so that U.S. can advance cybersecurity technologies. CNAP further mentions working with the Linux Foundation’s Core Infrastructure Initiative to maintain and improve internet infrastructure.
Randall J. Collins is a law clerk in Fox Rothschild’s Philadelphia office.