The White House recently announced its Cybersecurity National Action Plan (CNAP)—a sweeping, $19 billion initiative designed to strengthen the country’s cyber defenses. CNAP includes a number of provisions designed to both strengthen and regularize governmental safeguards against cyber threats, as well as provisions to educate and partner with the private sector to help better protect businesses and consumers.
According to a White House press release, CNAP will use its proposed $19 billion budget to pursue a number of objectives:
- Form the Commission on Enhancing National Cybersecurity. The commission will bring together top thinkers from the private sector to recommend actions that will strengthen cyber security in the public and private sectors, as well as ways to protect privacy. The commission will also be tasked with devising strategies for maintaining public safety and national security; fostering the development of new technical solutions; and bolstering the relationships between federal, state, and local governments and the private sector.
- Modernize government information technology (IT). The plan to modernize government IT contains two major provisions. First, the White House has proposed a $3.1 billion Information Technology Modernization Fund, designed to replace and modernize the aging and unsecure IT infrastructure currently in use. In addition, the White House will be creating a new position, Federal Chief Information Security Officer (CISO), to oversee and implement these changes.
- Expand and invest in programs and training. The Department of Homeland Security will be expanding its EINSTEIN and Continuous Diagnostics and Mitigation programs, as well as increasing the number of federal civilian cyber defense teams to a total of 48. Additionally, CNAP’s proposed budget would invest $62 million in the following:
- Establishing a CyberCorps Reserve program
- Developing a Cybersecurity Core Curriculum
- Strengthening the National Centers for Academic Excellence in Cybersecurity program
- Enhancing student loan forgiveness programs for cyber security experts
- Encouraging investment in cyber security education through the President’s Computer Science for All Initiative
- Increase the use of multi-factor authentication. The government will be encouraging the increased use of multi-factor identification – safeguards that use things like fingerprints or codes sent via text message in addition to a password – to better protect data. To that end, the government will launch a National Cybersecurity Awareness Campaign that aims to educate the public and promote multi-factor authentication.
- Develop partnerships to secure data and financial transactions. The government will partner with companies like Google, Facebook, DropBox and Microsoft to help keep data more secure, and it will work with companies like MasterCard, Visa, PayPal and Venmo to make sure financial transactions are more protected as well.
- Curb identity theft. The government is looking for ways to reduce its use of Social Security numbers as an identifier for citizens. Additionally, the Federal Trade Commission recently launched IdentityTheft.Gov as a resource for victims of identity theft to more easily report the crime and get the resources they need to recover.