Oak Street Blog
Following the action as Federal Cybersecurity requirements start falling into place. Researched and assembled by Mary Fetherolf, President, Oak Street Associates, Inc.
Monday, April 20, 2009
Overview: CSIS Recommendations, December 2008
Assembled, but not written, by Mary Fetherolf.
http://www.csis.org/component/option,com_csis_pubs/task,view/id,5157/
The Center for Strategic and International Studies (CSIS) Commission on Cybersecurity for the 44th Presidency has released its final report, "Securing Cyberspace for the 44th Presidency." The Commission’s three major findings are:
Cybersecurity is now one of the major national security problems facing the United States;
Decisions and actions must respect American values related to privacy and civil liberties; and
Only a comprehensive national security strategy that embraces both the domestic and international aspects of cybersecurity will improve the situation.
U.S. government should:
· Overhaul its approach to cybersecurity by imposing sweeping new regulations on businesses and creating a centralized cybersecurity office in the White House
o White House office is needed because the Department of Homeland Security isn't equipped to protect the federal government against cyberattacks
o DHS retain responsibility for the U.S. Computer Emergency Readiness Team and related functions, but it envisions a new White House National Office of Cyberspace that would coordinate and oversee cybersecurity efforts governmentwide
· Develop new government regulations focused on protecting computer networks in the U.S. Many of those regulations would focus on refining government efforts to protect its own cyber infrastructure, but regulations on private industry are needed as well
· Reject the market-driven approach to cybersecurity advanced by President Bush
· Develop new regulations are needed for the IT, finance and energy industries — including the use of identity authentication credentials — and for supervisory control and data acquisition, or SCADA, systems
· Change government’s own acquisition rules for IT products to focus more on cybersecurity
· Allow U.S. residents to use government-issued cyber credentials for their online activities
· Develop a new national cybersecurity strategy that includes diplomacy, military action, changes in policy and the involvement of intelligence and law enforcement officials in the U.S.
· Put a new emphasis on having the government work with the private sector, with clearly defined responsibilities and a focus on building trust with the business community.
· Increase spending on cybersecurity research and create a scholarship program to encourage more college students to obtain cybersecurity degrees.
http://www.csis.org/component/option,com_csis_pubs/task,view/id,5157/
The Center for Strategic and International Studies (CSIS) Commission on Cybersecurity for the 44th Presidency has released its final report, "Securing Cyberspace for the 44th Presidency." The Commission’s three major findings are:
Cybersecurity is now one of the major national security problems facing the United States;
Decisions and actions must respect American values related to privacy and civil liberties; and
Only a comprehensive national security strategy that embraces both the domestic and international aspects of cybersecurity will improve the situation.
U.S. government should:
· Overhaul its approach to cybersecurity by imposing sweeping new regulations on businesses and creating a centralized cybersecurity office in the White House
o White House office is needed because the Department of Homeland Security isn't equipped to protect the federal government against cyberattacks
o DHS retain responsibility for the U.S. Computer Emergency Readiness Team and related functions, but it envisions a new White House National Office of Cyberspace that would coordinate and oversee cybersecurity efforts governmentwide
· Develop new government regulations focused on protecting computer networks in the U.S. Many of those regulations would focus on refining government efforts to protect its own cyber infrastructure, but regulations on private industry are needed as well
· Reject the market-driven approach to cybersecurity advanced by President Bush
· Develop new regulations are needed for the IT, finance and energy industries — including the use of identity authentication credentials — and for supervisory control and data acquisition, or SCADA, systems
· Change government’s own acquisition rules for IT products to focus more on cybersecurity
· Allow U.S. residents to use government-issued cyber credentials for their online activities
· Develop a new national cybersecurity strategy that includes diplomacy, military action, changes in policy and the involvement of intelligence and law enforcement officials in the U.S.
· Put a new emphasis on having the government work with the private sector, with clearly defined responsibilities and a focus on building trust with the business community.
· Increase spending on cybersecurity research and create a scholarship program to encourage more college students to obtain cybersecurity degrees.
Archives
Subscribe to Posts [Atom]