In the run-up to Tuesday's State of the Union Address, President Barack Obama said cybersecurity would be a major focus of his last two years in office and laid out a legislative agenda for 2015 designed to improve the nation's posture and train the next generation of cyber professionals.

Tuesday night, in a speech that ran just over an hour, the president only spoke on cybersecurity for a little more than one minute, leaving out many of the specifics the administration had been trumpeting the week before.

With his agenda already on the table, Obama took the opportunity to rally congress behind his proposals and asked for a bipartisan effort.

"No foreign nation, no hacker should be able to shut down our networks, steal our trade secrets or invade the privacy of American families, especially our kids," he said. "Tonight I urge this congress to finally pass the legislation we need to better meet the evolving threat of cyber attacks, combat identity theft and protect our children's information. That should be a bipartisan effort."

The centerpiece of Obama's cybersecurity agenda puts an emphasis on the private sector, specifically with regard to reporting data breaches — especially when consumer information is leaked — and sharing information through Information Sharing and Analysis Organizations (ISAOs).

While similar to legislation proposed in 2011, this latest effort includes targeted liability protection to encourage industry to participate.

More: Obama offers new legislative agenda on cybersecurity

"If we don't act, we leave our nation and our economy vulnerable," he said. "If we do, we can continue to protect the technologies that have unleashed untold opportunities for people around the globe."

Many private sector companies are in favor of the president's proposals, though some would like to see it go even further.

More: Industry backing Obama's cybersecurity agenda

"Xceedium applauds the increased efforts on behalf of both the president and congress to begin addressing the gaping holes in our nation's network and information security framework and policies. However, two critical gaps remain: the ability to prosecute for privileged network and data access abuse and the adoption of trust in identity," said Ken Ammon, Xceedium chief strategy officer. "In today's threat landscape, it is not a matter of if an enemy will gain access, but when. Only by focusing on identity as the new perimeter will organizations be able to break the kill chain and limit the data an attacker gains access to."

About Aaron Boyd

Aaron Boyd is an awarding-winning journalist currently serving as editor of Federal Times — a Washington, D.C. institution covering federal workforce and contracting for more than 50 years — and Fifth Domain — a news and information hub focused on cybersecurity and cyberwar from a civilian, military and international perspective.

Share:
In Other News
Load More