Obama’s Cyber Security Grades

Wednesday, February 2, 2011 @ 07:02 PM gHale

Students know the drill. Reports cards are coming out and you really don’t know your final grade. “Will it be an A? How about a B? Maybe a C? Am I going to eek out a passing grade with a D?” Well, during the cyber security report card season even the President of the United States got some good grades and some poor grades.

The range of grades Obama got on its cyber security policies range from a B to D.

The National Security Cyberspace Institute (NSCI) examined the administration’s record of cyber security accomplishments in a white paper.

NSCI awarded grades for progress against 10 near-term recommendations included in the White House’s 60-day Cyberspace Policy Review released in 2009.

“We awarded grades solely on our view of actual progress – not on good intentions, flowery rhetoric, the number of meetings held, commissions commissioned, or number of times administration officials have mentioned the word ‘cyber,’ ” according to the report.

None of the White House’s near-term action items received an A, for full implementation, or an F, for no progress shown.

NSCI gave the administration a B for designating cyber security as one of the president’s key management priorities and establishing performance metrics, noting its recently announced update to the Federal Information Security Management Act. The update shifts the focus from paper-based compliance reports to real-time monitoring of federal networks, according to the institute.

“The change in approach provides for faster identification and response to vulnerabilities,” the white paper said. “The administration believes the new approach builds on best practices from both government and industry, thus making our cyber security efforts more effective.”

NSCI also gave the administration a B for a lack of substantial progress in conducting interagency legal analyses of priority cyber security-related issues and formulating coherent policy guidance that clarifies the roles, responsibilities and application of agency authorities for cyber security-related activities across the federal government.

The administration received a D for the months of delay in appointing Howard Schmidt to the cyber security coordinator position, as well as another D for failing to release an updated national strategy to secure the information and communications infrastructure.

NSCI further chose to give the administration a B for continuing the dialogue on international cyber security agreements. But the White House earned a C for moving too slowly in preparing a cyber security incident response plan and enhancing public-private partnerships.

“In September 2010, the Department of Homeland Security released an interim version of a National Cyber Incident Response Plan, a mere 16 months after President Obama’s declaration of cyber security as a top administration priority,” NSCI wrote. “That’s hardly a fast-track agenda.”

The White House also scored a C for not living up to its responsibility to coordinate a national cyber security research and development agenda, according to the white paper.

Leave a Reply

You must be logged in to post a comment.