News / Science & Technology

Obama Administration Offers Companies Broad Standards to Improve Cybersecurity

Reuters
The U.S. government on Wednesday released the final version of standards meant to help companies in nationally critical industries better defend against cyber attacks, and officials now face the challenge of getting the private sector to adopt the voluntary measures.

Criticized for being too vague and toothless, the so-called cybersecurity framework turned a vast amount of industry input into guidelines designed for 16 different sectors whose disruption could be devastating to the country.

The release from the National Institute of Standards and Technology comes exactly one year after President Barack Obama issued an executive order directing the agency to compile voluntary minimum cybersecurity standards as one step to counter the lack of progress on cybersecurity law in Congress.

“While I believe today's Framework marks a turning point, it's clear that much more work needs to be done to enhance our cybersecurity,” Obama said in a statement.

“I again urge Congress to move forward on cybersecurity legislation that both protects our nation and our privacy and civil liberties,” he said. “Meanwhile, my Administration will continue to take action, under existing authorities, to protect our nation from this threat.”

The framework, drafted by the nonregulatory government agency in consultation with thousands of industry experts, offers broad benchmarks for companies to measure the effectiveness of their cyber defenses.

The Obama administration had faced intense pushback from the private sector on its earlier effort to mandate cyber defense standards, which contributed to stalled legislation. Now, the White House hopes companies voluntarily adopt the framework they have helped draft.

“This voluntary Framework is a great example of how the private sector and government can, and should, work together to meet this shared challenge,” Obama said, and a senior administration official called the framework the beginning of a “continuing common-sense conversation” about protecting the nation's critical assets from cyber attacks.

“I think that the NIST standards will become over the next year or two, while we are waiting for legislation, the de facto best practices, just because they are accessible and current,” said Jonathan Fairtlough, managing director at Kroll Advisory Solutions' cyber investigations practice.

Will private sector adapt standards?

Cybersecurity experts warn that relentless efforts to hack into U.S. banks and financial institutions, the power grid and other critical infrastructure, paired with instances of disruptive attacks abroad, pose a national security threat.

The issue recently became a household topic after hackers stole about 40 million credit and debit card records and 70 million other records with personal customer data from the third-largest U.S. retailer, Target Corp.

Many experts have expressed alarm about the lack of awareness or reluctance among some companies' leadership to spend more money on cyber defenses. The framework could force the issue into more executive suites, analysts say.

“At a minimum, it's going to force this conversation up the food chain, out of the CEO office into the boardroom,” said Tom Kellermann, a former member of Obama's Commission on Cyber Security and software company executive now with professional services firm Alvarez & Marsal.

But it is unclear whether the private sector, always concerned about liabilities attached to any standards, would widely adopt the voluntary framework.

The departments of Homeland Security, Commerce and Treasury are reviewing potential incentives for adoption, though some companies worry that incentives will come with strings attached and prompt more regulatory oversight or threat of lawsuits.

The White House has emphasized the voluntary nature of the framework and the need for companies to view cybersecurity as a business decision, part of its risk-management strategy.

“We may not ever know how widely the framework has been adopted, because obviously there's not a requirement,” a second senior Obama administration official said on Wednesday. “There's an enlightened sense here that we're counting on.”

Department of Homeland Security on Wednesday also launched a program called Critical Infrastructure Cyber Community that would help companies reach out to the government for assistance in adopting the framework, and that participation may help gage the popularity of the standards, the official said.

Questions about effectiveness

But it is also unclear how effective the framework will prove in practice.

“At that high level, they got it right. ... Further down, it gets murky really fast,” said Andrew Ginter, vice president of industrial security at Waterfall Security Solutions, whose clients include power plants and water-treatment facilities.

“The NIST framework never uses the word 'firewall.' It's that abstract,” he said, referring to a common standard component of network security.

The framework offers sweeping categories such as “access control” or “data security” to evaluate how effectively a company identifies and protects network assets, and detects, responds to and recovers from breaches, on a one-to-four-tier scale for implementation.

The categories then break into subcategories, such as keeping inventories of used software platforms and applications, ensuring that top executives know roles and responsibilities, and setting information security policies.

The document also incorporates how the companies could do that while protecting privacy and civil liberties.

The framework builds on and references existing regulations, many of which were developed for specific sectors, such as energy and financial services.

“It can get really quite hard” studying and balancing various existing standards, said Dave Burg, who advises corporations on cybersecurity strategies at consultancy PricewaterhouseCoopers. “This framework will provide a very nice baseline against which companies can test themselves.”

You May Like

Islamic State Survivor: A Yazidi Girl's Tale

Sarah Said Haydar, captured a year ago while fleeing Islamic State onslaught in northern Iraq, was so traumatized by militants, she sought to end her own life More

EU, US Applaud Kosovo Law on Special Court

Joint statement says lawmakers' decision to address allegations of war crimes 'demonstrated their commitment to the rule of law and to honor international agreements' More

ASEAN Ministers to Push for S. China Sea Agreements

According to documents obtained by VOA Khmer, ministers will stand up for 'freedom of navigation, unimpeded lawful maritime commerce, trade and over flight' More

This forum has been closed.
Comments
     
There are no comments in this forum. Be first and add one

Featured Videos

Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
Cambodia Makes Progress Curbing Bear Tradei
X
Robert Carmichael
August 04, 2015 3:07 PM
Cambodia’s wild bears are under unprecedented pressure. Their native forests are being cut down at record rates, and China's huge demand for traditional medicine has made them targets. But experts say Cambodia's conservation efforts are setting an example that has put it well ahead of its neighbors in protecting bears. Robert Carmichael reports for VOA from Phnom Penh.
Video

Video Cambodia Makes Progress Curbing Bear Trade

Cambodia’s wild bears are under unprecedented pressure. Their native forests are being cut down at record rates, and China's huge demand for traditional medicine has made them targets. But experts say Cambodia's conservation efforts are setting an example that has put it well ahead of its neighbors in protecting bears. Robert Carmichael reports for VOA from Phnom Penh.
Video

Video Growing Number of E. Jerusalem Palestinians Seek Israeli Citizenship

Most Palestinians living in East Jerusalem have long rejected the option of full Israeli citizenship, seeing it as a betrayal to their political cause - the formation of a Palestinian state with East Jerusalem as its capital. But as that dream remains elusive, more and more Palestinians are applying for Israeli citizenship. Zlatica Hoke reports the decision is hard for many Palestinians who say they have to be pragmatic about it.
Video

Video With No Money, More Students, African Universities Struggle

Academics from around the African continent converged in Johannesburg last week for the African Universities Summit, a chance to tackle some of the major issues facing higher education in Africa today. VOA's Anita Powell reports from Johannesburg.
Video

Video Iraqi Yazidis Fear Death of Their Community

A year ago on August 3, Islamic State militants stormed the homelands of Iraq’s Yazidi minority, killing hundreds of men and enslaving thousands of women. The scenes of desperate Yazidi families crowding on the top of Sinjar mountain without food or water spurred Kurdish fighters into action, an emergency airlift and the start of the U.S. airstrike campaign against the Islamic State Sunni extremists. VOA's Sharon Benh reports from northern Iraq.
Video

Video Bangkok Warned It Soon Could Be Submerged

Italy's Venice and America's New Orleans are not the only cities gradually submerging. The nearly ten million residents of the Bangkok urban area now must confront warnings the city could become uninhabitable in a few decades. VOA Correspondent Steve Herman reports from the Thai capital.
Video

Video Inclusive Gym Gets People With Disabilities in Fitness Spirit

Individuals with special needs are 58 percent more likely to be obese than the general population. According to the U.S. Centers for Disease Control, they also have an increased likelihood of anxiety, depression and social isolation. But a sports club outside Washington wants to make a difference in these people's lives. With Carol Pearson narrating, VOA's June Soh reports.
Video

Video Wisconsin's Voter ID Law Still Mired In Controversy

Voter ID laws have sparked controversy across the US. More than 30 states enacted laws requiring citizens to show identification before they vote. Against fierce opposition, the state of Wisconsin recently enacted one the most restrictive voter ID laws in country. As Jeff Swicord reports, no one can predict its impact as the 2016 election nears.
Video

Video Astronauts Train Underwater for Deep Space Missions

Manned deep space missions are still a long way off, but space agencies are already testing procedures, equipment and human stamina for operations in extreme environment conditions. Small groups of astronauts take turns in spending days in an underwater lab, off Florida’s southern coast, simulating future missions to some remote world. VOA’s George Putic reports.
Video

Video Ebola Vaccine Hailed as Highly Effective

At last, there's a way to end the suffering from the Ebola epidemic that has ravaged West Africa for more than a year. Researchers say the vaccine is so effective, there may never be a major outbreak of Ebola again. VOA's Carol Pearson reports.
Video

Video Special Olympics Show Competitors' Skill, Determination

Special Olympics competitions will wrap up Saturday in Los Angeles, and the closing ceremony for athletes with intellectual disabilities will be held Sunday night. In a week of competition, athletes have shown what they can do through skill and determination. VOA's Mike O'Sullivan reports.
Video

Video Civil Rights Leaders Struggled to Achieve Voting Rights Act

Fifty years ago, lawmakers approved, and U.S. President Lyndon Johnson signed, the Voting Rights Act of 1965. The measure outlawed racial discrimination in voting, giving millions of blacks in many parts of the southern United States federal enforcement of the right to vote. Correspondent Chris Simkins introduces us to some civil rights leaders who were on the front lines in the struggle for voting rights.
Video

Video Shooter’s Grill: Serving Food with a Touch of the Second Amendment

Shooter's Grill, a restaurant in Rifle, Colorado, attracts visitors from all over the world as well as local patrons. The reason? Waitresses openly carry loaded firearms as they serve food, and customers are welcome to carry them, too. VOA's Enming Liu and Lin Yang paid a visit to Shooter's Grill, and heard different opinions about this unique establishment.
Video

Video Despite Controversy, Business Owner Continues Sale of Confederate Flags

At Cooter’s, a store in rural Sperryville, Virginia, about 120 kilometers west of Washington, D.C., Confederate flags are flying off the shelves. The red, white and blue battle flag, with 13 white stars representing the Confederate states, was carried by southern forces during the U.S. Civil War in the 1860s. The South had seceded from the Union over several key issues of disagreement, including slavery. VOA’s Deborah Block has the story.
Video

Video Booming London Property a ‘Haven for Dirty Money’

Billions of dollars of so-called ‘dirty money’ from the proceeds of crime - especially from Russia - are being laundered through the London property market, according to anti-corruption activists. As Henry Ridgwell reports from the British capital, the government has pledged to crack down on the practice.
Video

Video Hometown of Boy Scouts of America Founder Reacts to Gay Leader Decision

Ottawa, Illinois, is the hometown of W.D. Boyce, who founded the Boy Scouts of America in 1910. In Ottawa, where Scouting remains an important part of the legacy of the community, the end of the organization's ban on openly gay adult leaders was seen as inevitable. VOA's Kane Farabaugh reports.

VOA Blogs