Cybersecurity is a huge point of contention between the public and private sectors. Tech companies vie to stay unregulated in the services and level of encryption they provide to their customers, while the government seeks to mandate certain benchmarks they feel would keep the country’s data safe.
Today President Obama is announcing a step forward in government’s role in the nation’s cybersecurity, requesting an additional $3.1 billion from Congress to update the nation’s “legacy IT that is difficult to secure and expensive to maintain,” referring to the dated systems used in government computing
The Obama administration is calling this the “Information Technology Modernization Fund,” and it’s just one piece of a larger Cybersecurity National Action Plan. Overall, the White House wants to see $19 billion dedicated to improving cybersecurity nationwide for fiscal year 2017, which would be more than a 30 percent increase in cybersecurity spending from the 2016 budget.
The plan is multifaceted, including a commission to set best practices for privacy and security concerns for the entire country, and a new federal position, the Chief Information Security Officer. Whether these best practices will be current by the time the commission is operational is another question that only time will tell.
The Cybersecurity National Action Plan also puts heavy emphasis on education.
“By judiciously combining a strong password with additional factors, such as a fingerprint or a single use code delivered in a text message, Americans can make their accounts even more secure,” says a release from the White House.
Biometrics and two-factor authentication have been around for a while, but a large portion of the population still doesn’t use them of their own accord. Google and Facebook have provided two-factor authentication on services since 2011, which add strength to Google’s web services like Gmail as they’re often used in enterprise situations.
Biometrics, like fingerprint scanners in cell phones, have also been around in consumer technology for at least five years, but only saw real adoption when Apple started using them in the iPhone 5S in 2013. Since then, most mainstream cell phones have included a fingerprint scanner, like Samsung’s Galaxy line, iPhones, and Google’s Nexuses.
In accordance with the the plan, the White House is announcing partnerships with tech companies like Google, Facebook, Microsoft, and DropBox, as well as financial institutions like Visa, PayPal, and Venmo to make online banking safer. They’re even using this opportunity to review whether a social security number is the best way to identify citizens online. (Hint: it’s probably not.)
The Department of Homeland Security will also be reviewing Internet of Things devices to make sure that they’re safe from malicious attacks, even though that really doesn’t make sense because the last thing tech companies want is another government body placing potentially already-outdated standards on their devices.
This announcement is a great step forward from the already three-step behind federal government, but we’re happy to welcome them to the new millennium. The plan will start this year and will be tacked onto Obama’s already not-popular-in-Congress budget proposal.
But If even some of these items go through, it could make things safer for millions of Americans online. And with the internet reaching into more and more corners of our lives, that’s a laudable and prudent goal that the next president would be wise to follow through on as well.
Updated after publication to clarify the total amount the president’s proposal calls for.