White House unveils cybersecurity plan

May 12, 2011 By LOLITA C. BALDOR , Associated Press

Companies that run critical U.S. industries such as power plants would get government incentives to make sure their systems are secure from computer-based attacks, the White House said Thursday, detailing its broad proposal to beef up the country's cybersecurity.

The approach is similar to congressional legislation already in the works, but some criticized it as being too weak Thursday, while the business community said it preferred a voluntary program rather than government mandates.

Under its proposed legislation, the would give the the authority to work with industry to come up with ways to secure their computer systems and protect against . If a company fails to do so, or comes up with an inadequate plan, DHS would be able develop its own security framework for that firm.

The proposals reflects the broad understanding that any more stringent - such as the one that controls safety at - would get little support, and business groups have been lobbying strongly for as much of a voluntary program as possible.

The government should encourage the private sector to voluntarily adopt security standards, and "avoid a one-size-fits-all, mandated approach to cybersecurity," said Phil Bond, president of TechAmerica, which represents about 1,200 companies.

But critics say the White House approach has little teeth.

"The Administration's proposal shows no sense of urgency," said Stewart Baker, a former senior Homeland Security official. "It tells even critical industries on which our lives and society depend that they will have years before anyone from government begins to evaluate their security measures."

Under the administration's proposal, an independent group would evaluate the security plans. And the DHS could use that evaluation as it makes purchasing decisions, thus potentially rewarding companies who take strong measures to secure their networks from intrusions.

The threat is diverse, ranging from computer hackers going after banking and financial accounts to terrorists or other nations breaching government networks to steal sensitive data or sabotage critical systems like the electrical grid, nuclear plants or Wall Street.

Federal computer networks are being scanned and attacked millions of times a day, and U.S. officials warn that hackers have begun targeting power plants and other critical operations to either bring them down or take them over. A glaring example was the Stuxnet worm that targeted Iran's nuclear program last year, including the infection of laptops at Iran's Bushehr nuclear power plant.

Several House and Senate committees have been working on cybersecurity legislation for the past two years, while waiting for the administration to weigh in with its proposal. The process has been difficult, as industry leaders, privacy advocates and security experts wrangled over how to protect the U.S. from cyberattacks without infringing on business practices or civil liberties.

Key lawmakers involved in drafting Senate and House versions of the cybersecurity bill praised the White House plan, while noting that Congress and the White House are sharply divided over at least one issue. House and Senate lawmakers want the White House cyber coordinator to be subject to Senate confirmation. The White House has opposed that idea.

The White House proposal also requires companies to tell their customers when their personal information has been compromised. And it lays out guidelines for federal agencies to continuously monitor and protect their systems, insisting that they have a better understanding of who is on their networks, what they are doing and whether any data is being stolen or manipulated.

Officials said Thursday that the proposal calls for strong protections for individual's privacy and civil liberties. And it also sets out expanded criminal penalties for cyber crimes.

Explore further: Obama to release cyber security report on Friday

0 shares

Related Stories

Experts say US must do more to secure the Internet

February 23, 2010

(AP) -- The government must take a more active role in securing the Internet, industry experts told Congress Tuesday, arguing that as businesses and governments rely more on cyberspace the prospect of a serious attack grows.

US reviewing ways to fight cyber attacks: general

September 24, 2010

The White House is looking at boosting the authority of the US military and other agencies to protect the country's infrastructure from possible cyber attack, a top general said Thursday.

White House set to unveil cyber plan

May 12, 2011

The White House on Thursday is expected to unveil its proposal to enhance the nation's cybersecurity, laying out plans to require industry to better protect systems that run critical infrastructure like the electrical grid, ...

Recommended for you

Microsoft describes hard-to-mimic authentication gesture

August 1, 2015

Photos. Messages. Bank account codes. And so much more—sit on a person's mobile device, and the question is, how to secure them without having to depend on lengthy password codes of letters and numbers. Vendors promoting ...

Power grid forecasting tool reduces costly errors

July 30, 2015

Accurately forecasting future electricity needs is tricky, with sudden weather changes and other variables impacting projections minute by minute. Errors can have grave repercussions, from blackouts to high market costs. ...

Netherlands bank customers can get vocal on payments

August 1, 2015

Are some people fed up with remembering and using passwords and PINs to make it though the day? Those who have had enough would prefer to do without them. For mobile tasks that involve banking, though, it is obvious that ...

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.