March 3, 2010 By Hilton Collins
SAN FRANCISCO -- The Obama administration has declassified details of a national cyber-security program in the name of transparency and collaboration.
Howard Schmidt, Obama's cyber-security coordinator, announced the release of a lengthy summary on the Comprehensive National Cybersecurity Initiative (CNCI) -- a program that started in 2008 under the Bush administration to make the Internet more secure - during a keynote Tuesday, March 2, at the RSA Conference.
The government had been keeping the CNCI's details under wraps, but Schmidt said circumstances have changed.
"As of noontime [Tuesday], in about 15 minutes, you'll be able to go to Whitehouse.gov/cybersecurity and download the unclassified description of the CNCI and each of the 12 initiatives under the CNCI," he said to applause from hundreds of security professionals and government officials in attendance at the conference. "Transparency and partnership are concepts that have to go hand-in-hand."
The CNCI promotes partnership between the government, the private sector and academia to achieve a safer digital infrastructure. Goals under the 12 initiatives include deploying an intrusion detection system of sensors across the federal enterprise, expanding cyber-education and eliminating redundancies in research and development. The document also lists three primary goals: establishing a front line of defense against immediate threats, defending against the full spectrum of threats and strengthening the cyber-security environment for the future.
The government component of the CNCI partnership includes federal, state, local and tribal stakeholders
"Cyber-security is a shared responsibility for all of us," Schmidt said. "We must all partner together to make sure cyber-security is secure. We can only do what we can do to our secure our part in cyber-space, and that's what we're asking all of you to do," Schmidt said.
He also spoke about other federal priorities, including the updating of federal security compliance standards so that compliant entities will be more secure when meeting them, modifying the country's security strategy so it can address the newest threats, enhancing coordination among federal agencies when it comes to IT security and improving the private sector's relationship with the federal government.