Cyberactions plan (C4ISR Journal)

Cyberactions plan

July 01, 2009

http://www.c4isrjournal.com/story.php?F=4117007

The "Cyberspace Policy Review" developed a 10-point "near-term action plan" for U.S. cybersecurity efforts:

• Appoint a cybersecurity policy official responsible for coordinating the nation's cybersecurity policies and activities; establish a strong National Security Council directorate, under the direction of the cybersecurity policy official dual-hatted to the NSC and the National Economic Council, to coordinate interagency development of cybersecurity-related strategy and policy.

• Prepare for the president's approval an updated national strategy to secure the information and communications infrastructure. This strategy should include continued evaluation of Comprehensive National Cybersecurity Initiative activities.

• Designate cybersecurity as one of the president's key management priorities and establish performance metrics.

• Designate a privacy and civil liberties official to the NSC cybersecurity directorate.

• Convene appropriate interagency mechanisms to conduct interagency-cleared legal analyses of priority cybersecurity-related issues identified during the policy-development process and formulate coherent unified policy guidance that clarifies roles, responsibilities and the application of agency authorities for cybersecurity-related activities across the federal government.

• Initiate a national public awareness and education campaign.

• Develop U.S. government positions for an international cybersecurity policy framework and strengthen our international partnerships to create initiatives that address the full range of activities, policies and opportunities associated with cybersecurity.

• Prepare a cybersecurity incident response plan; initiate a dialogue to enhance public-private partnerships with an eye toward streamlining, aligning and providing resources to optimize their contribution and engagement.

• Develop a framework for research and development strategies that focus on game-changing technologies that have the potential to enhance the security, reliability, resilience and trustworthiness of digital infrastructure; provide the research community access to event data to facilitate developing tools, testing theories and identifying solutions.

• Build a cybersecurity-based identity management vision and strategy that addresses privacy and civil liberties interests, leveraging privacy-enhancing technologies for the nation.