President Obama and Congress have tagged investment in cybersecurity as a means to help stimulate the economy. The stimulus bill, (H.R.1) passed by the House included $50 million for cybersecurity under the Public Health and Social Services Fund. The Senate's version has included an additional $14 million to fund enhanced cybersecurity research. Additionally, the Obama administration and Department of Homeland Security (DHS) have included cybersecurity as a focus in protecting the country's information networks.
According to the White House's Homeland Security Agenda, President Obama plans on appointing a national cyber advisor who will be responsible for coordinating federal agency efforts and development of national cyber policy. The Administration plans to work with the private sector to develop systems and technology to enhance the security of the nation's, current and future, computer hardware and software, storage and networks by implementing the following:
- Initiate a Safe Computing R&D Effort and Harden our Nation's Cyber Infrastructure: An initiative to develop next-generation secure computers and networking for national security applications. Work with industry and academia to develop and deploy a new generation of secure hardware and software for our critical cyber infrastructure.
- Protect the IT Infrastructure That Keeps America's Economy Safe: Work with the private sector to establish tough new standards for cybersecurity and physical resilience.
- Prevent Corporate Cyber-Espionage: Work with industry to develop the systems necessary to protect our nation's trade secrets and our research and development.
- Develop a Cyber Crime Strategy to Minimize the Opportunities for Criminal Profit: Eliminate mechanisms used to transmit criminal profits by shutting down untraceable Internet payment schemes. Initiate a grant and training program to provide federal, state, and local law enforcement agencies the tools they need to detect and prosecute cyber crime.
- Mandate Standards for Securing Personal Data and Require Companies to Disclose Personal Information Data Breaches: Partner with industry and our citizens to secure personal data stored on government and private systems. Institute a common standard for securing such data across industries and protect the rights of individuals in the information age.
On the regulatory side, the nominee for Secretary of DHS, Janet Napolitano, made cybersecurity a point of emphasis in her confirmation testimony. As a nominee, she indicated that she intends to take a close look at the Department's role in this area, working with the White House, other federal agencies, state governments and the private sector. Upon a swift confirmation by the Senate on January 20th, Secretary Napolitano, within the first week on the job, issued new action directives – one of which was cybersecurity. Each directive instructs specific agencies to gather information, review existing strategies and programs and to provide reports back to the Secretary. The agencies that the cybersecurity directive is focused on are the Departments of Defense, Treasury, and Energy, and the National Security Agency. A final report is due February 17th. Secretary Napolitano believes the directives "will unify our shared efforts and help me assess where improvements need to be made."