Article Posted by Mark Weatherford, Director and Chief Information Security Officer, Office of Information Security

During a speech at Purdue University last July, then-candidate Obama said, "As President, I’ll make cybersecurity the top priority that it should be in the 21st century. I’ll declare our cyber-infrastructure a strategic asset, and appoint a National Cyber Advisor who will report directly to me."  In February, President Obama appointed Melissa Hathaway to conduct a 60 Day review of cybersecurity in the federal government and it looked like he was making good on his earlier campaign promise.

Then, in a speech at the White House last Friday morning, President Obama declared that 21st century challenges can’t be met without a digital infrastructure and said, "the world of cyberspace is a world we depend on every day."  He then went on to talk about the results of the 60-day review which was completed in mid-April and the resulting report titled, the Cyberspace Policy Review.  This 76 page document discusses in detail how the federal government is going to take a leadership role in "anchoring and elevating leadership for cybersecurity-related policies at the White House."  This is very powerful stuff and also very good news for us working in California state government.  Why?  When was the last time you heard cybersecurity talked about by a President? I can only remember maybe two times but don’t remember hearing much after that. This time it has legs and I’m confident we are going to see increasing action by the feds to raise the level of security awareness across all levels of government.  He even mentioned the word Botnet for crying out loud!

Many people thought he might announce the name the "Cyber Czar" but while he didn’t, it’s important to see it listed as action item #1 in the "Near-Term Action Plan" of the Cyberspace Policy Review.  This document is a roadmap for cybersecurity strategic planning.

So, was it a good speech and can it be translated to action?  The proof is in the pudding as they say but I’m very optimistic that cybersecurity is getting some national visibility that will help those of us in the IT business at the state and local government levels.  Along with the President’s proactive stance, in September 2008, Senator Tom Carper, (D-DE) introduced the bipartisan Federal Information Security Management Act of 2008 (S.3474) S.3474 and then on April 1, 2009, Senators Jay Rockefeller (D-WV) and Olympia Snowe (R-ME) introduced the Cybersecurity Act of 2009 (S.773) S.773   Take a few minutes to read this legislation.  It’s not perfect but its good and certainly moves the ball forward.  There is just too much activity at the federal level for this to not get some traction but I’m keeping my fingers cross anyway.