US launches voluntary cybersecurity plan (Update)

February 12, 2014 by Rob Lever
US President Barack Obama conducts a press conference on February 11, 2014 at the White House in Washington, DC

The US administration on Wednesday launched a cybersecurity plan which aims to use voluntary collaboration from the private sector to protect critical infrastructure from computer hackers.

The initiative stems from an executive order issued last year by President Barack Obama after repeated failures in Congress of a cybersecurity law.

The so-called cybersecurity framework allows the government to lead an information-sharing network but stops short of making mandatory the reporting of cyber threats.

The goal is to protect so-called critical infrastructure, which can include power grids, water systems and financial networks against which a cyberattack could have crippling consequences.

Obama said the voluntary framework "is a great example of how the private sector and government can, and should, work together to meet this shared challenge."

"While I believe today's framework marks a turning point, it's clear that much more work needs to be done to enhance our cybersecurity," Obama said in a statement.

"America's economic prosperity, national security, and our individual liberties depend on our commitment to securing cyberspace and maintaining an open, interoperable, secure, and reliable Internet. Our critical infrastructure continues to be at risk from threats in cyberspace, and our economy is harmed by the theft of our intellectual property."

- Voluntary tradition -

A senior administration official said the framework is the result of one year of consultations with industry experts and others.

"We wanted this framework to be voluntary because it encourages the widest set of stakeholders to come forward and work with us," the official said.

"Voluntary standards are a tradition in this country because they work."

Obama and other officials have continued to press lawmakers for cybersecurity legislation, which could give the government broader ability to prevent and respond to computer attacks.

Lawmakers have been deadlocked on cybersecurity legislation, amid opposition from an unusual coalition of civil libertarians—who fear government snooping—and conservatives who said it would create a new bureaucracy.

US military officials have argued that legislation is needed to protect infrastructure critical to safeguarding national defense, including power grids, water systems and industries ranging from transportation to communication.

Senator Jay Rockefeller, who has spearheaded cybersecurity efforts in Congress, praised the new plan.

"The recent data breaches at Target and other retailers are a stark reminder that our networks continue to be vulnerable to cyber attacks," Rockefeller said in a statement.

The senator added that the plan "represents the careful thinking of our country's top security experts. It should become an essential touchstone, not just for critical infrastructure operators, but for all companies and government agencies that need to protect their systems and their data."

But Greg Nojeim at the digital rights activist Center for Democracy & Technology said the plan is weak on privacy protection after the latest update removed specific privacy language.

"We would have preferred a framework that requires more measurable privacy protections," Nojeim said.

Suzanne Spaulding, acting under secretary of Homeland Security, encouraged the private sector to adopt the voluntary standards.

"Both the private sector and government have a role to play in strengthening our nation's critical infrastructure security and resilience, including cybersecurity, and it is imperative that we as a country take coordinated actions to achieve this goal," she said in a blog post.

But the technology policy think tank Tech Freedom expressed doubt.

"The govt is producing only basic #cybersecurity standards, with little incentive for private sector to participate," the group tweeted.

Explore further: Obama moves to defend infrastructure from cyberattacks

Related Stories

US bill seeks to improve cyber information-sharing

November 30, 2011

A bill intended to increase sharing of information about cybersecurity threats between government and the private sector was introduced in the US House of Representatives on Wednesday.

White House set to unveil cyber plan

May 12, 2011

The White House on Thursday is expected to unveil its proposal to enhance the nation's cybersecurity, laying out plans to require industry to better protect systems that run critical infrastructure like the electrical grid, ...

Recommended for you

Enhancing solar power with diatoms

October 20, 2017

Diatoms, a kind of algae that reproduces prodigiously, have been called "the jewels of the sea" for their ability to manipulate light. Now, researchers hope to harness that property to boost solar technology.


Adjust slider to filter visible comments by rank

Display comments: newest first

5 / 5 (1) Feb 12, 2014
That pic makes it look like Obama is pulling another Jedi mind trick.

Oh wait.
not rated yet Feb 12, 2014
LOL, a trust-me product with THAT face associated? Somebody needs to be fired.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.