News / Science & Technology

Obama Administration Offers Companies Broad Standards to Improve Cybersecurity

Reuters
The U.S. government on Wednesday released the final version of standards meant to help companies in nationally critical industries better defend against cyber attacks, and officials now face the challenge of getting the private sector to adopt the voluntary measures.

Criticized for being too vague and toothless, the so-called cybersecurity framework turned a vast amount of industry input into guidelines designed for 16 different sectors whose disruption could be devastating to the country.

The release from the National Institute of Standards and Technology comes exactly one year after President Barack Obama issued an executive order directing the agency to compile voluntary minimum cybersecurity standards as one step to counter the lack of progress on cybersecurity law in Congress.

“While I believe today's Framework marks a turning point, it's clear that much more work needs to be done to enhance our cybersecurity,” Obama said in a statement.

“I again urge Congress to move forward on cybersecurity legislation that both protects our nation and our privacy and civil liberties,” he said. “Meanwhile, my Administration will continue to take action, under existing authorities, to protect our nation from this threat.”

The framework, drafted by the nonregulatory government agency in consultation with thousands of industry experts, offers broad benchmarks for companies to measure the effectiveness of their cyber defenses.

The Obama administration had faced intense pushback from the private sector on its earlier effort to mandate cyber defense standards, which contributed to stalled legislation. Now, the White House hopes companies voluntarily adopt the framework they have helped draft.

“This voluntary Framework is a great example of how the private sector and government can, and should, work together to meet this shared challenge,” Obama said, and a senior administration official called the framework the beginning of a “continuing common-sense conversation” about protecting the nation's critical assets from cyber attacks.

“I think that the NIST standards will become over the next year or two, while we are waiting for legislation, the de facto best practices, just because they are accessible and current,” said Jonathan Fairtlough, managing director at Kroll Advisory Solutions' cyber investigations practice.

Will private sector adapt standards?

Cybersecurity experts warn that relentless efforts to hack into U.S. banks and financial institutions, the power grid and other critical infrastructure, paired with instances of disruptive attacks abroad, pose a national security threat.

The issue recently became a household topic after hackers stole about 40 million credit and debit card records and 70 million other records with personal customer data from the third-largest U.S. retailer, Target Corp.

Many experts have expressed alarm about the lack of awareness or reluctance among some companies' leadership to spend more money on cyber defenses. The framework could force the issue into more executive suites, analysts say.

“At a minimum, it's going to force this conversation up the food chain, out of the CEO office into the boardroom,” said Tom Kellermann, a former member of Obama's Commission on Cyber Security and software company executive now with professional services firm Alvarez & Marsal.

But it is unclear whether the private sector, always concerned about liabilities attached to any standards, would widely adopt the voluntary framework.

The departments of Homeland Security, Commerce and Treasury are reviewing potential incentives for adoption, though some companies worry that incentives will come with strings attached and prompt more regulatory oversight or threat of lawsuits.

The White House has emphasized the voluntary nature of the framework and the need for companies to view cybersecurity as a business decision, part of its risk-management strategy.

“We may not ever know how widely the framework has been adopted, because obviously there's not a requirement,” a second senior Obama administration official said on Wednesday. “There's an enlightened sense here that we're counting on.”

Department of Homeland Security on Wednesday also launched a program called Critical Infrastructure Cyber Community that would help companies reach out to the government for assistance in adopting the framework, and that participation may help gage the popularity of the standards, the official said.

Questions about effectiveness

But it is also unclear how effective the framework will prove in practice.

“At that high level, they got it right. ... Further down, it gets murky really fast,” said Andrew Ginter, vice president of industrial security at Waterfall Security Solutions, whose clients include power plants and water-treatment facilities.

“The NIST framework never uses the word 'firewall.' It's that abstract,” he said, referring to a common standard component of network security.

The framework offers sweeping categories such as “access control” or “data security” to evaluate how effectively a company identifies and protects network assets, and detects, responds to and recovers from breaches, on a one-to-four-tier scale for implementation.

The categories then break into subcategories, such as keeping inventories of used software platforms and applications, ensuring that top executives know roles and responsibilities, and setting information security policies.

The document also incorporates how the companies could do that while protecting privacy and civil liberties.

The framework builds on and references existing regulations, many of which were developed for specific sectors, such as energy and financial services.

“It can get really quite hard” studying and balancing various existing standards, said Dave Burg, who advises corporations on cybersecurity strategies at consultancy PricewaterhouseCoopers. “This framework will provide a very nice baseline against which companies can test themselves.”

You May Like

Turkey: No Ransom Paid for Release of Hostages Held by IS Militants

President Erdogan hails release of hostages as diplomatic success but declines to be drawn on whether their release freed Ankara's hand to take more active stance against insurgents More

Audio Sierra Leone Ends Ebola Lockdown

Health ministry says it has reached 75 percent of its target of visiting 1.5 million homes to locate infected, educate population about virus More

US Pivot to Asia Demands Delicate Balancing Act

As tumult in Middle East distracts Obama administration, efforts to shift American focus eastward appear threatened More

This forum has been closed.
Comments
     
There are no comments in this forum. Be first and add one

Featured Videos

Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
Saving Global Fish Stocks Starts in the Kitcheni
X
September 22, 2014 11:42 AM
With an estimated 90 percent of the world’s larger fish populations having already vanished, a growing number of people in the seafood industry are embracing the concept of sustainable fishing and farming practices. One American marine biologist turned restaurateur in Thailand is spreading the word among fellow chefs and customers. VOA Correspondent Steve Herman reports from Bangkok.
Video

Video Saving Global Fish Stocks Starts in the Kitchen

With an estimated 90 percent of the world’s larger fish populations having already vanished, a growing number of people in the seafood industry are embracing the concept of sustainable fishing and farming practices. One American marine biologist turned restaurateur in Thailand is spreading the word among fellow chefs and customers. VOA Correspondent Steve Herman reports from Bangkok.
Video

Video For West Ukraine City, Conflict Far Away Yet Near

The western Ukrainian city of Lviv prides itself on being both physically and culturally close to Western Europe. The Russian-backed separatists in the eastern part of the country are 1,200 kilometers away, and seemingly even farther away in their world view. Still, as VOA’s Al Pessin reports, the war is having an impact in Lviv.
Video

Video Chinese Admiral Key in China’s Promotion of Sea Links

China’s President last week wrapped up landmark visits to India, Sri Lanka and Maldives, part of a broader campaign to promote a new “Maritime Silk Road” in Asia. The Chinese government’s promotion efforts rely heavily on the country’s best-known sailor, a 15th century eunuch named Zheng He. VOA's Bill Ide reports from the sailor’s hometown in Yunnan on the effort to promote China’s future by recalling its past.
Video

Video Experts Fear Ebola Outbreak ‘Beyond Our Capability to Contain’

Each day brings with it new warnings about the deadly Ebola outbreak already blamed for killing more than 2,600 people across West Africa. And while countries and international organizations like the United Nations are starting to come through on promises of help for those most affected, the unprecedented speed with which the virus has spread is raising questions about the international response. VOA's Jeff Seldin has more from Washington.
Video

Video Natural Gas Export Plan Divides Maryland Town

A U.S. power company that has been importing natural gas now wants to export it. If approved, its plant in Lusby, Maryland, would likely be the first terminal on the United States East Coast to export liquefied natural gas from American pipelines. While some residents welcome the move because it will create jobs, others oppose it, saying the expansion could be a safety and environmental hazard. VOA’s Deborah Block examines the controversy.
Video

Video Difficult Tactical Battle Ahead Against IS Militants in Syria

The U.S. president has ordered the military to intensify its fight against the Islamic State, including in Syria. But how does the military conduct air strikes in a country that is not a U.S. ally? VOA correspondent Carla Babb reports from the Pentagon.
Video

Video Iran, World Powers Seek Progress in Nuclear Talks

Iran and the five permanent members of the U.N. Security Council plus Germany, known as the P5 + 1, have started a new round of talks on Iran's nuclear program. VOA State Department correspondent Pam Dockins reports that as the negotiations take place in New York, a U.S. envoy is questioning Iran's commitment to peaceful nuclear activity.
Video

Video Alibaba Shares Soar in First Day of Trading

China's biggest online retailer hit the market Friday -- with its share price soaring on the New York Stock Exchange. The shares were priced at $68, but trading stalled at the opening, as sellers held onto their shares, waiting for buyers to bid up the price. More on the world's biggest initial public offering from VOA’s Bernard Shusman in New York.
Video

Video Migrants Caught in No-Man's Land Called Calais

The deaths of hundreds of migrants in the Mediterranean this week has only recast the spotlight on the perils of reaching Europe. And for those forunate enough to reach a place like Calais, France, only find that their problems aren't over. Lisa Bryant has the story.
Video

Video Westgate Siege Anniversary Brings Back Painful Memories

One year after it happened, the survivors of the terror attack on Nairobi's Westgate Shopping Mall still cannot shake the images of that tragic incident. For VOA, Mohammed Yusuf tells the story of victims still waiting for the answer to the question 'how could this happen?'
Video

Video Whaling Summit Votes to Uphold Ban on Japan Whale Hunt

The International Whaling Commission, meeting in Slovenia, has voted to uphold a court ruling banning Japan from hunting whales in the Antarctic Ocean. Conservationists hailed the ruling as a victory, but Tokyo says it will submit revised plans for a whale hunt in 2015. Henry Ridgwell reports from London.
Video

Video A Dinosaur Fit for Land and Water

Residents and tourists in Washington D.C. can now examine a life-size replica of an unusual dinosaur that lived almost a hundred million years ago in northern Africa. Scientists say studying the behemoth named Spinosaurus helps them better understand how some prehistoric animals adapted to life on land and in water. The Spinosaurus replica is on display at the National Geographic museum. VOA’s George Putic has more.
Colonel Steve ‘Spiros’ Pisanos left Greece and came to the U.S. to learn to fly. He flew fighters for the Allies in World War II, narrowly escaping death multiple times.Colonel Steve ‘Spiros’ Pisanos left Greece and came to the U.S. to learn to fly. He flew fighters for the Allies in World War II, narrowly escaping death multiple times.

AppleAndroid