President Issues Executive Order for Unity in Cybersecurity
Cyber-world: 'The Wild, Wild West' "The cyber-world is sort of the wild, wild West, and to some degree, we're asked to be the sheriff," Obama said. "When something like Sony [data breach] happens, people want to know, 'What can government do about this?' When information is being shared by terrorists, people want us to find ways of stopping that from happening. By necessity, that means government can use its own significant capabilities in the cyber world. "But then, people plainly ask: 'What safeguards do we have around government intruding on our own personal privacy?' It's hard." Government has to be continuously self-critical, Obama said, "and we need to continue to have an open debate on this."--protecting the country's critical infrastructure—our most important information systems—from cyber-threats; --improving the ability to identify and report cyber-incidents so that we can respond in a timely manner; --engaging with international partners to promote Internet freedom and build support for an open, interoperable, secure and reliable cyber-space; --securing federal networks by setting clear security targets and holding agencies accountable for meeting those targets; and --shaping a cyber-savvy workforce and moving beyond passwords in partnership with the private sector. Previously, the president has signed directives involving improving critical infrastructure cyber-security, critical infrastructure security and resilience, and some federal policies in the cyber-security area, but no president has issued an order directing all sectors to share and share alike when it comes to finding out information about national and international bad actors in cyber-security. Cook Talks Up Apple Pay Before the president's appearance, Apple CEO Tim Cook used his several minutes onstage to explain, among other things, how his company "will never sell our customers' information to anybody." Of course, that's not the business Apple conducts. He offered an overview about security features in the new Apple Pay system, which was introduced last fall and enables iPhone users to conduct point-of-sale transactions without involving an exchange of personal information over the Internet. Cook called Apple Pay "a huge improvement over a little plastic card with a magnetic stripe that we currently use." The company doesn't store a user's credit card number or purchase history, he said, adding that information is between a person and his/her bank. In addition to applause over the company's commitment to keeping financial and health information secure and private, Cook received cheers when he talked about the company's commitment to the environment. IT-sector CEOs, company presidents or founders on stage at the conference included Cook, Aaron Levie of Box, Michelle Zatlyn of CloudFlare, Dan Schulman of PayPal, Renee James of Intel, Michael Brown of Symantec, Kevin Mandia of FireEye, Stina Ehrensvard of Yubikey, Blake Hall of ID.me and Mark McLaughlin of Palo Alto Networks. Chief security officers on hand were Scott Charney of Microsoft, Eric Grosse of Google, Melody Hildebrandt of Palantir, Alex Stamos of Yahoo and Joe Sullivan of Facebook. Non-IT executives included Kenneth Chenault, chairman and CEO of American Express; Bernard J. Tyson, chairman and CEO of Kaiser Permanente; Anthony Earle, Jr., chairman and CEO of Pacific Gas & Electric; Ajay Banga, president and CEO of MasterCard; Peter Hancock, president and CEO of AIG; Brian Moynihan, chairman and CEO of Bank of America; Richard Davis, chairman and CEO of US Bank; Mike George, CEO and president of QVC; Alexander Gourlay, president of Walgreens; and Charles Scharf, CEO of Visa.
The Feb. 13 executive order is the latest instantiation of the Obama administration's cyber-security strategy, the priorities of which are: