Obama's dreamy plan for cybersecurity
Pinch me: The White House's Cyberspace Policy Review is the best news yet for Internet security
Follow @rogeragrimesI feel like a non-Ivy League version of Prof. Paul Krugman whenever I complain about the absence of a national plan for securing the Internet. I don't have the doctorate, but I have plenty of ideas that I want to share with the White House. And like Krugman, I often think the White House hasn't gone far enough or I resign myself to the fact that, without some terrible disaster to spur us into action, we'll never get the level of Internet security we need.
But this time I am impressed. If you haven't read Obama's Cyberspace Policy Review [pdf], then you probably don't know what I'm talking about. Regardless of your politics, this is easily the best mission statement on the subject I've ever seen. Kudos to the Office of the White House and all of the people involved in creating this document. I thought the U.S. government would never get it, but they do!
[ Keep abreast of IT security news by subscribing to InfoWorld's free Security Central newsletter. ]
Plan of action
You don't have to read all 76 pages to get the picture. The Executive Summary and the Near-Term Action Plan at the beginning of the document are enough to tell you that this isn't your father's Internet security plan.
I'm so used to government failures (see CAN-SPAM Act or the multitude of Data Protection Act attempts) that I just assumed the government would never get on the right page until we came face to face with overwhelming cyber destruction. One-third of U.S. adults have had their credit card or online identity stolen. No one bats an eye when 1 million identities are stolen in a single online heist -- it isn't even news anymore. One-half of home PCs are infected by malware each year, and Web sites are compromised by the tens of thousands each night. Legitimate Web sites (e.g. www.foxnews.com) are often the ones (inadvertently) hosting the worst malware. Foreign hackers are infiltrating protected government networks like they are Swiss cheese, and the most popular social Web sites are hotbeds of malicious activity. Corporate espionage is almost a norm. Paris Hilton's smartphone is compromised seemingly every week, and the latest revealing photos struggle to find space on the already crowded pages of TMZ. How bad did it need to get before we tried something different?
Obama and his administration have responded, and I applaud them. The Cyberspace Policy Review is a great start.
