President-elect Donald Trump should appoint an ambassador for cybersecurity within his first 180 days in office, according to the President’s Commission on Enhancing National Cybersecurity.
The commission stated that the person who holds this newly created ambassador position would act as an international representative for the country’s cybersecurity standards, strategies, and priorities. The ambassador for cybersecurity would report directly to the secretary of State and negotiate “confidence-building measures” on a multilateral basis.
“This individual should have responsibility for bringing together international counterparts to harmonize cybersecurity standards and practices, and to develop and promote peacetime norms of nation-state behavior and a common understanding of the application of international law in cyberspace,” the commission wrote in their Report on Securing and Growing the Digital Economy.
The recommendation for this new ambassador role was one of many contained in the report, which was released Dec. 2. The commission, which was chartered in February through Executive Order 13718, listed recommendations for securing the digital economy while protecting privacy, ensuring public safety and national security, and supporting new research and technology. According to the commission, the report is meant for both President Barack Obama and the president-elect.
In a statement on the report, Obama discussed his call for a 35 percent increase in Federal cybersecurity resources. He also stated the commission’s recommendations were thoughtful, and that it is up to the next administration to continue the mantle of protecting and expanding the nation’s presence in cyberspace.
“In total, the commission’s recommendations affirm the course that this administration has laid out, but make clear that there is much more to do and the next administration, Congress, the private sector, and the general public need to build on this progress,” Obama said.
Obama mentioned his administration’s push to give $3.1 billion in funding to Federal agencies in order to modernize legacy information systems, which the commission proposed to expand.
“Before Congress adjourns for the year, it must act to fully fund the urgent cybersecurity needs that my administration has identified in my 2017 Budget and elsewhere, investing in areas such as securing Federal information technology systems,” Obama said.
Subject matter experts from various Federal agencies, including the Department of Commerce’s (DOC) National Institute of Standards and Technology (NIST), the Department of Homeland Security (DHS), Department of Defense (DOD), the Department of Justice (DOJ), the General Services Administration (GSA), and the Department of the Treasury (Treasury), assisted the 12 commissioners in gathering content and creating recommendations.
The commission outlined six major imperative areas on which the upcoming administration should focus. The imperatives are:
- Protect, defend, and secure today’s information infrastructure and digital networks.
- Innovate and accelerate investment for the security and growth of digital networks and the digital economy.
- Prepare consumers to thrive in a digital age.
- Build cybersecurity workforce capabilities.
- Better equip government to function effectively and securely in the digital age.
- Ensure an open, fair, competitive, and secure global digital economy.
These imperatives are accompanied by a total of 16 recommendations and 53 action items, including a joint cybersecurity operation program between the private sector and the administration, stronger authentication requirements within the Federal government, and a cybersecurity “nutrition label” for technology services created by an independent organization.
“The commission’s recommendations emphasize the need for collaboration among public and private sectors and our international partners in order to strengthen cybersecurity, protect privacy, foster innovation, and ensure public safety and our economic and national security,” said Penny Pritzker, Secretary of Commerce, in a statement Dec. 2. “The ideas highlighted in the report transcend different administrations, congresses, and different political and economic cycles. These recommendations comprise an urgent action plan for our country to meet today’s cybersecurity crisis. Success will require that we all work together.”
Robert Bigman, president of 2BSecure and the former chief information security officer at the CIA, called the commission’s report “entirely underwhelming,” and said it neglected the root cause of the nation’s cybersecurity challenges.
“More recommendations to do more studies and form, yet more, public-private partnerships. Blah, Blah, Blah,” Bigman said. “Yet again, another study that missed the point that the root of our cybersecurity crisis is the fact that computer systems lack proper security engineering and provide no trust. Nothing in this report worries the bad guys.”
Editor’s Note: This story has been updated to add expert reaction and commentary.