On December 1, 2016, the nonpartisan Commission on Enhancing Cybersecurity (the “Commission”), established in February 2016 by President Obama as part of a $19 billion Cybersecurity National Action Plan, issued its Report on Securing and Growing the Digital Economy (the “Report”), which includes recommended actions that the government and private sector can take over the next 10 years to improve cybersecurity. The 100-page Report contains 16 recommendations and 53 associated action items, organized around the following six imperatives:
- protect, defend and secure today’s information infrastructure and digital networks;
- innovate and accelerate investment for the security and growth of digital networks and the digital economy;
- prepare consumers to thrive in a digital age;
- build cybersecurity workforce capabilities;
- better equip government to function effectively and securely in the digital age; and
- ensure an open, fair, competitive and secure global digital economy.
The Commission’s recommendations are designed to enhance U.S. cybersecurity and prioritize investment of resources toward cybersecurity in both the public and private sectors. Specific recommended action items in the Report include incentivizing companies to implement cyber risk management principles, asking the President to initiate a national cybersecurity workforce program to train 100,000 new cybersecurity practitioners by 2020, and encouraging the FTC to work with consumer organizations and industry stakeholders to develop a standard template for documents to inform consumers of their cybersecurity roles, rights and responsibilities.
The Commission has indicated that it intends to promote the Report through December and potentially longer. The Commission’s executive director, Kiersten Todt, indicated that many of the recommendations could be executed by “commissioners in their own industries.” She also stated that the Report offered the incoming Trump Administration a “road map” on cybersecurity. The Report calls on the incoming administration to execute its recommendations in light of “the growing convergence and interdependencies of our increasingly connected world.”
In a statement on December 2, 2016, President Obama praised the Commission’s Report as “thoughtful and pragmatic” and noted that “deepening public-private cooperation will help us better protect critical infrastructure and respond to cyber incidents when they occur.”