The Obama administration is slated to deliver a comprehensive cybersecurity strategy to Congress today.
The proposal is the culmination of over two years of effort by the White House to finish laying the groundwork for the protection of critical infrastructure in the face of increased threats posed by attacks on both public and private sector network systems.
"The administration has taken significant steps to better protect America against cyberthreats, but it has become clear that our nation cannot fully defend against these threats unless certain parts of cybersecurity law are updated," a senior administration official told POLITICO.
As the first comprehensive cybersecurity initiative to be drafted by the Executive Branch, the proposal will likely be the foundation of national cybersecurity policy for subsequent administrations.
Major challenges in drafting the proposal included how to best prioritize federal security initiatives, defining the government's role in protecting and regulating private sector networks which administer the majority of the nation's critical systems, and protect privacy and civil liberties in the process.
"By introducing the first major cybersecurity legislative proposal for any administration, we are demonstrating President Obama's commitment to addressing complex and systemic national vulnerabilities that place the American people and economy at risk. Our proposal strikes a critical balance between strengthening security, preserving privacy and civil liberties protections, and fostering continued economic growth," a White House official stated.
The National Security Cyberspace Institute had released a report in January that examined the White House record on cybersecurity policy over the last two years, and gave the administration poor marks. The report was based on evaluation of the progress made on initiatives set forth in the 60-Day Cyberspace Policy Review, commonly referred to as the "Hathaway Report".
Another report by the Center for Strategic and International Studies (CSIS) released in February was highly critical of the slow pace of progress at which the government is securing critical infrastructure. A previous report by the CSIS in 2008 had generated a great deal of rhetoric, giving the impression that cyber security initiatives would be a top priority in the Obama administration.
Unfortunately, issues like a national healthcare plan, the stagnated economy, and the nation's continued engagement in conflicts in the Middle East have meant most of the initiatives outlined in the past have yet to materialize.
Events such as the Night Dragon attacks, operation Aurora, and the emergence of the Stuxnet Virus provide substantial impetus for the government to redouble efforts to secure critical infrastructure systems.
“We are now in a world in which cyber warfare is very real. It could threaten our grid system. It could threaten our financial system. It could paralyze this country, and I think that's an area we have to pay a lot more attention to," CIA director Leon Panetta told ABC News last June.
The administration's proposal will no doubt be met with a great deal of scrutiny, as anticipation of the initiatives has been building for some time. Of course, the proposal is the easy part.
Sorting through the more than fifty cybersecurity legislative bills currently being considered by Congress, battling budget constraints, political posturing in the run up to the next election, satisfying a myriad of special interests, and then actually implementing new policies and programs will prove to be the real test of the administration's leadership.