Feeds

Obama signs off on secret national cybersecurity plan

Meanwhile, Congress sits on its hands

Website security in corporate America

President Obama has signed off on Presidential Policy Directive 20, a cybersecurity plan that seeks to establish the rules of engagement for defending the US critical infrastructure against online attack.

"What it does, really for the first time, is it explicitly talks about how we will use cyber operations," a senior administration official who has seen the classified report told the Washington Post.

"Network defense is what you're doing inside your own networks. ... Cyber operations is stuff outside that space, and recognizing that you could be doing that for what might be called defensive purposes."

The new directive is the first time the official US position on cyber threats has been revised since 2004, and sets out the terms by which the military can operate on civilian networks in order to fight off online attacks. It's intended to stop infighting among different government departments in the event of an attack.

The Pentagon has already declared the online world as one where it must have both and offensive and defensive capability, and this new directive gives clear guidance as to what is permissible.

Of course, this directive may never be used if the national critical infrastructure is protected already. But that's unlikely to happen, thanks to the ongoing logjam in the US Congress, as neither political party is showing any signs of being able to solve the issue to each other's satisfaction.

In August, the proposed US Cybersecurity Act 2012, which requires mandatory security standards for those government departments and private networks that make up the US critical infrastructure, was shot down by Republicans in the Senate.

The legislation was up before the Senate again on Wednesday, but only got 51 votes to 47, allowing the Republicans once again to enforce the filibuster rule and kill the legislation. The move makes it more likely that President Obama will have to issue a decree on the issue to enforce some common security standards.

"It's imperative that Democrats and Republicans work together to address what national security experts have called 'the most serious challenge to our national security since the onset of the nuclear age sixty years ago'," said Senate majority leader Harry Reid in a statement. ®

Internet Security Threat Report 2014

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Bono: Apple will sort out monetising music where the labels failed
Remastered so hard it would be difficult or impossible to master it again
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.