Cybersecurity Report Nears Obama’s Desk


The team commissioned by President Obama to conduct a sweeping evaluation of the government’s cybersecurity activities has completed its report, which it is in the process of submitting to the White House for review.

The two-month review, which scrutinized the programs in place to protect the nation’s digital infrastructure throughout the government and into the private sector, was billed as a first step toward a thorough revamping of the government’s much-maligned cybersecurity apparatus.

“The report being submitted summarizes the review team’s conclusions and outlines the beginning of the way forward in building a reliable, resilient, trustworthy digital infrastructure for the future,” White House Press Secretary Robert Gibbs said in a statement. “After the president has had an opportunity to carefully review the group’s report, we will begin discussing the results.”

The conclusion of the review comes as Obama’s tech-policy team is taking shape. The president recently tapped Vivek Kundra to serve as the country’s first chief information officer, and over the weekend he named Aneesh Chopra chief technology officer, another new position.

The review was headed by Melissa Hathaway, a former intelligence official in the George W. Bush administration who is seen as a strong candidate for the new position of cyber adviser Obama has said he plans to create.

Hathaway’s review will likely weigh in on how that position should be structured, as well as offer recommendations for how to fund government cybersecurity programs. In his proposed budget for fiscal 2010, Obama proposed $355 million for cybersecurity programs in the Department of Homeland Security, as well as an undisclosed amount for the classified work at the National Security Agency.

Controversy on the Hill

Balancing the cybersecurity responsibilities among those two agencies and the many others across the government has been the subject of considerable interest on Capitol Hill.

In the Senate, Commerce Committee Chairman John Rockefeller, D-W.V., introduced a sweeping cybersecurity reform bill that, among other things, seeks to promote government partnerships with private industry and develop a coordinated national strategy for shoring up information and communications systems.

Bu the Cybersecurity Act has drawn sharp criticism from groups that warn the bill’s vague language would give the government sweeping authority to interfere with the commercial Internet.

One of the most controversial provisions in the bill would direct the Commerce Department to establish a clearinghouse for information about security threats and vulnerabilities across all government and private networks supporting critical infrastructure.

“The Secretary of Commerce,” the bill reads, “shall have access to all relevant data concerning such networks without regard to any provision of law, regulation, rule or policy restricting such access.”

Echoing concerns from groups like the Center for Democracy and Technology and the Electronic Frontier Foundation, the conservative-leaning Washington Examiner blasted the bill in a recent editorial, describing it as a more aggressive assault on civil liberties than the Bush administration’s domestic surveillance program.

“This bill, which is a full frontal assault on our First Amendment rights, should be deleted from the congressional agenda immediately,” the paper wrote. Bypassing existing privacy laws to monitor electronic communications would amount to “warrantless wiretaps on steroids,” it said.

Following a two-week recess, Congress is back in session today, and the progress of the bill could be largely shaped by the findings of Hathaway’s review. Members of Hathaway’s team were in contact with the offices of Rockefeller and Olympia Snowe as they conducted their review, the Maine Republican who co-sponsored the legislation, aides to the senators told

Looking ahead, the bill could be the subject of a hearing in short order, pending the release of Hathaway’s report.

A spokeswoman for Rockefeller recently told that “this legislation is the very beginning of the process — the objective of this cybersecurity bill is to start the debate.”

News Around the Web