On April 13, 2016, the White House unveiled the members of the new Cybersecurity Commission and on April 14, 2016, the commission met for the first time. The commission has less than eight months to address a number of key items, with a deadline of December 1, 2016 to finish its efforts. The commission announced plans to focus on the eight main priority items the Executive Order including protecting critical infrastructure; research and development; Internet of Things; cybersecurity for state and local governments; identity management issues; cyber workforce; improving consumer cybersecurity; government uses of technology and overall government cybersecurity practices. The commission also added two new topics to include insurance and the need for international cyber norms for consideration as well.

The commission also announced plans to hold five workshops around the country with specific plans for the first four sessions: May focused on best practices; June on research and development; July on critical infrastructure and August on retail and consumer practices.

The commission was created by the Obama Administration through a new cybersecurity Executive Order, which stated the commission’s mission is “to enhance cybersecurity awareness and protections at all levels of government, business, and society, to protect privacy, to ensure public safety and economic and national security, and to empower Americans to take better control of their digital security.” The commission is housed at the U.S. Department of Commerce and is comprised of twelve members of the private sector and academic community.

President Obama stated “I have charged the Commission on Enhancing National Cybersecurity with the critically-important task of identifying the steps that our nation must take to ensure our cybersecurity in an increasingly digital world.” The commission includes representatives of the financial services, communications, and technology sectors along with a series of academics and former national security and law enforcement officials. Secretary Pritzker reiterated the U.S. Department of Commerce’s support for the commission through the work of the National Institute of Standards and Technology (NIST). An executive director who will support the commission.

This is a key part of a broader implementation of the Cybersecurity National Action Plan (CNAP) that we described on February 9, 2016 in a prior article. The plan includes a host of action items focused on improving federal information technology and cybersecurity; empowering individuals and protecting their privacy; strengthening the nation’s critical infrastructure; improving cybersecurity incident response and promoting international norms to promote international cooperation and prevent attacks on civilian critical infrastructure.