Feeds

Obama signs off on secret national cybersecurity plan

Meanwhile, Congress sits on its hands

Combat fraud and increase customer satisfaction

President Obama has signed off on Presidential Policy Directive 20, a cybersecurity plan that seeks to establish the rules of engagement for defending the US critical infrastructure against online attack.

"What it does, really for the first time, is it explicitly talks about how we will use cyber operations," a senior administration official who has seen the classified report told the Washington Post.

"Network defense is what you're doing inside your own networks. ... Cyber operations is stuff outside that space, and recognizing that you could be doing that for what might be called defensive purposes."

The new directive is the first time the official US position on cyber threats has been revised since 2004, and sets out the terms by which the military can operate on civilian networks in order to fight off online attacks. It's intended to stop infighting among different government departments in the event of an attack.

The Pentagon has already declared the online world as one where it must have both and offensive and defensive capability, and this new directive gives clear guidance as to what is permissible.

Of course, this directive may never be used if the national critical infrastructure is protected already. But that's unlikely to happen, thanks to the ongoing logjam in the US Congress, as neither political party is showing any signs of being able to solve the issue to each other's satisfaction.

In August, the proposed US Cybersecurity Act 2012, which requires mandatory security standards for those government departments and private networks that make up the US critical infrastructure, was shot down by Republicans in the Senate.

The legislation was up before the Senate again on Wednesday, but only got 51 votes to 47, allowing the Republicans once again to enforce the filibuster rule and kill the legislation. The move makes it more likely that President Obama will have to issue a decree on the issue to enforce some common security standards.

"It's imperative that Democrats and Republicans work together to address what national security experts have called 'the most serious challenge to our national security since the onset of the nuclear age sixty years ago'," said Senate majority leader Harry Reid in a statement. ®

Top three mobile application threats

More from The Register

next story
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
APPLE FAILS to ditch class action suit over ebook PRICE-FIX fiasco
Do not pass go, do cough (up to) $840m in damages
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.