Buy now and install on all your devices from one easy email. X

National Security 2.0

The White House Administration recently proposed legislation to congress that addresses the growing concern for cyberattacks on our national infrastructure.

The legislation thrusts cybersecurity into the national spotlight and marks an official response to the 50 cybersecurity-related proposals that were put forth by members of congress in just this past term, reports the plan's fact sheet.

For your reading pleasure, we've consolidated a huge amount of information from the plan into a small, yet informative synopsis. (For those that aren't interested, please enjoy the free sleep aid.)

So what's this so-called 'infrastructure' that's at risk?

In the plan, the Administration defines infrastructure as the "electricity grid, financial sector, and transportation networks that sustain our way of life." In other words, these are the private companies that we absolutely depend on for energy, communications, travel and banking.

Cybersecurity, in a nutshell, is what we use to defend ourselves against web-based threats like hackers and people who create viruses.

The important factor here is the Internet. All of the companies in these sectors are "wired" meaning that much of their information "our information" is embedded in applications that exist online.

Should any of these businesses suffer a cyberattack, we would be directly affected (i.e. social security numbers, bank accounts, electricity to our homes and devices, communications, public transportation, etc.).

Some examples of recent cyberattacks include the recent information systems attack on major defense contractor, Lockheed Martin; Google last year; and even the Stuxnet worm, which targeted nuclear plants in Iran among other countries.

The plan suggests that the government should take a more proactive role in a) how these businesses plan for cyberattacks; b) how citizens are protected and notified; and c) how punishment for cybercriminals is carried out.

What are the details of the plan?

Because the plan is just a plan, the language is a little loose. However, there are some clearly defined roles that the government wishes to take.

  1. Businesses will have to submit a plan for attack - The plan requires businesses within the deemed "critical infrastructure" sectors to create a plan. That plan will then be audited by a third party and ultimately certified by the government.
  2. The Department of Homeland Security (DHS) gets involved - This means that the DHS will quickly respond to attacks and assist a "private-sector company, state, or local government when that organization asks for its help."
  3. Data breach notification - The plan informs us that "our country has a patchwork of 47 state notification laws." The plan says that if our personal information gets hacked, the government will provide a single process for how businesses notify us, across all 50 states.
  4. Penalties for cybercriminals - Today's mafias aren't all tough guys in bowling shirts who are involved in guns and drugs; they're also hackers and malware writers who steal (and corrupt) information. The government doesn't really have an effective way to punish cybercriminal rings, nor does it have a way to synchronize cybercrimes with other crimes. This plan will "clarify" those punishments.

For further reading on this topic, we advise that you stop by www.whitehouse.gov.

By Alex Fairbanks

Past Newsletters

2014 Newsletters
March Newsletter
June Newsletter
2013 Newsletters
October Newsletter
July Newsletter
April Newsletter
January Newsletter
2012 Newsletters
December Newsletter
November Newsletter
October Newsletter
September Newsletter
August Newsletter
July Newsletter
June Newsletter
May Newsletter
April Newsletter
March Newsletter
February Newsletter
January Newsletter
2011 Newsletters
December Newsletter
November Newsletter
October Newsletter
September Newsletter
August Newsletter
July Newsletter
June Newsletter