Comprehensive National Cybersecurity Initiative
On Tuesday, the White House published an unclassified summary of its Comprehensive National Cybersecurity Initiative (CNCI). Howard Schmidt made the announcement at the RSA Conference. These are the 12 initiatives in the plan:
- Initiative #1. Manage the Federal Enterprise Network as a single network enterprise with Trusted Internet.
- Initiative #2. Deploy an intrusion detection system of sensors across the Federal enterprise.
- Initiative #3. Pursue deployment of intrusion prevention systems across the Federal enterprise.
- Initiative #4: Coordinate and redirect research and development (R&D) efforts.
- Initiative #5. Connect current cyber ops centers to enhance situational awareness.
- Initiative #6. Develop and implement a government-wide cyber counterintelligence (CI) plan.
- Initiative #7. Increase the security of our classified networks.
- Initiative #8. Expand cyber education.
- Initiative #9. Define and develop enduring “leap-ahead” technology, strategies, and programs.
- Initiative #10. Define and develop enduring deterrence strategies and programs.
- Initiative #11. Develop a multi-pronged approach for global supply chain risk management.
- Initiative #12. Define the Federal role for extending cybersecurity into critical infrastructure domains.
While this transparency is a good, in this sort of thing the devil is in the details—and we don’t have any details. We also don’t have any information about the legal authority for cybersecurity, and how much the NSA is, and should be, involved. Good commentary on that here. EPIC is suing the NSA to learn more about its involvement.