White House Cyber Coordinator Howard Schmidt used a keynote speech at a well-attended conference in Washington yesterday to make the case for improving how people and systems are identified in cyberspace—an indication of how important the Obama administration considers identity management to overall cybersecurity efforts.
While a focus on better verifying the identities of feds that use government computer systems isn’t new—after all, that was a key aim of the Bush administration’s Homeland Security Presidential Directive-12 smart card initiative—Schmidt wants to improve online identification outside of government as well.
Schmidt framed the problem of accurately identifying people and systems in cyberspace as one that affects security and economics. The ability to conduct cyber transactions involves everything from electronic medical health records to online banking, and he called for the creation of an identity ecosystem.
“Not only do we have to worry about who we are interacting with, but those on the other side [that] we’re doing business with—whether it’s business with government, business with banking, business with transportation—that those computer systems have to trust that it’s really us, and with the botnets we’ve seen, the comprised computer systems, that’s been as much of a challenge as anything else,” Schmidt told a crowd at the Symantec Government Symposium in Washington.
Schmidt previewed a draft national strategy for improving the trustworthiness of digital identities in cyberspace that the White House plans to release June 25. He said improving how people are identified in cyberspace shouldn’t make things harder on end users; rather, solutions should be cost-effective, easy to use, and voluntary.
“We should not have to dramatically change the way we do business,” he added.
According to Schmidt, the use of the public key infrastructure will enable enhancements. He said that the roughly 17 or so passwords that he has aren’t getting any easier to remember.
“The end user shouldn’t have to sit there and figure out [whether] this is something that has the ability to have somebody infringe upon my privacy. Is this something that I could lose my credit card number over, they shouldn’t have to think about that so as a consequence we’re looking to make it more convenient?” he said.
In the end, the extent that the White House’s strategy, the National Strategy for Trusted Identities in Cyberspace, leads to developments that make things simpler for the vast majority of Internet users who aren’t technologists will likely play a big role in whether Schmidt’s vision for an online identity ecosystem is realized.
“We all know in this room the more complex security is the less people that are going to use it, so if we make security part of things they’re used to doing anyway, they’ll use it,” Schmidt explained.
Posted on Jun 23, 2010 at 7:21 PM1 comments
A Senate push for sweeping, bipartisan cybersecurity legislation is gaining traction in the House.
Some senior lawmakers on the House Homeland Security Committee have expressed support for a comprehensive proposal to bolster computer security that was introduced last week by Sens. Joe Lieberman (I-Conn.), Susan Collins (R-Maine) and Thomas Carper (D-Del.).
During a committee hearing, Reps. Jane Harman (D-Calif.) and Peter King (R-N.Y.) said they supported the Senate measure and pledged to sponsor similar legislation in the House.
Harman leads the committee’s Intelligence, Information Sharing and Terrorism Risk Assessment Subcommittee, and King is the ranking Republican on the full committee.
Related: DHS would be cyber power center under Lieberman/Collins proposal
The Senate bill is the second comprehensive cybersecurity bill introduced in that chamber during this congressional session. The Senate Commerce Committee approved a different comprehensive measure earlier this year, and Lieberman has said repeatedly that Senate Majority Leader Harry Reid (D-Nev.) wants cybersecurity legislation passed this year.
Meanwhile, although the House has many cybersecurity bills pending, a comprehensive reform bill hasn't been introduced.
“I think [the Senate bill] is an excellent effort," Harman said. "I’m sure it will change as it goes through the legislative process, but it will be a good thing to work with our counterparts in the Senate on this."
She said the legislation would give the government new powers and new focus and perhaps provide the sustained leadership that Richard Skinner, the Homeland Security Department’s inspector general, said today was urgently needed.
Posted on Jun 17, 2010 at 7:21 PM1 comments
The technology trade association TechAmerica is worried about regulatory provisions in a comprehensive cybersecurity bill that Sens. Joseph Lieberman (I-Conn.), Susan Collins (R-Maine), and Thomas Carper (D-Del.) introduced on June 10.
“Good intentions aside, America’s technology companies are concerned about the unintended consequences that would result from the legislation’s regulatory approach,” Phil Bond, TechAmerica's president and chief executive officer, said in a statement.
The group’s worries center on powers the bill would give the Homeland Security Department. The measure would set up a new center at DHS to protect the country’s computer networks, power grid and critical infrastructure from cyberattack.
Despite the group’s fears about some of the bill’s provisions, Bond saluted the senators for taking up the cybersecurity cause and for acknowledging industry’s role in improving computer security.
TechAmerica expressed support for parts of the bill that would elevate offices dealing with cybersecurity at DHS and in the White House. The group also called the bill’s provisions to reform the Federal Information Security Management Enhancement Act, to support research and development in cybersecurity, and to bolster the federal cybersecurity workforce a significant step forward. In addition, Bond said there were positive aspects of the senators’ approach to dealing with supply chain security.
Previously, the group also expressed worries about a comprehensive cybersecurity bill proposed by Sens. Jay Rockefeller (D-W. Va.) and Olympia Snowe (R-Maine) that cleared the Senate Commerce Committee in March.
Posted on Jun 11, 2010 at 7:22 PM0 comments