us: national action plan for cybersecurity (february 2016)

Posted by deaguero at 2020-04-11

[this is a copy of WeChat official account of CAICT, China information and Communication Research Institute, English version:]

Text translation:

Since taking office, President Obama has regarded cybersecurity as one of the biggest challenges facing the United States and taken various measures to deal with it. For example, in the past 2015, together with Congress, the cybersecurity act of 2015 has been issued to provide necessary cybersecurity tools, especially to make it easier for private enterprises and governments to share information on cyber threats.

But the Obama administration believes that more measures should be taken to enable citizens to have the necessary tools to protect themselves, enable enterprises to operate and protect information safely, and enable the government to protect people and submitted information. This is exactly the purpose of the CNAP, which provides both short-term action plans and long-term strategic goals, including Improve the attention and protection of network security, protect privacy, ensure public security and economic and national security, so that the American people can better control digital security.

(1) Challenges

From online shopping to company operation to communication with our favorite people, the online world has fundamentally reshaped people's lives. However, the digital world not only provides infinite opportunities for people, enterprises and economy, but also brings new threats. Criminals, terrorists and some countries have realized that it's easier to be online than face-to-face. More and more sensitive data are stored on the Internet, and the network access is becoming increasingly fierce. At present, identity theft has become the fastest-growing crime in the United States. Innovators and enterprises promote the economic growth of the United States and make the United States take the leading position in the world. However, famous enterprises are often blackmailed or cheated, which makes more and more Americans wonder whether the benefits of technology will be swallowed by the risks it brings?

Although the United States can deal with and control the threat, it does need to take more active action. If you want to integrate into the network, you need to have appropriate protection measures. This requires the joint efforts of the government, enterprises and citizens. To this end, the U.S. government issued the national action plan for cybersecurity.

(2) Key initiatives

The national action plan for cybersecurity (CNAP) includes a series of short-term initiatives to improve cybersecurity within the federal government and throughout the United States. However, in view of the complexity and severity of the problem, the president requires top strategic, business and technical experts outside the government to study and report on how to improve the awareness of network security, protect privacy, protect public security, as well as economic and national security. Obama said some bold actions are needed to improve the competitiveness of the United States in the global digital economy.

The national action plan for cybersecurity is a seven-year experience of the U.S. government, absorbing lessons from cybersecurity trends, threats, * * * and other aspects. This plan includes both the recent actions of the federal government and long-term improvement measures, aiming to comprehensively improve the network security of the federal government, private enterprises and personal lives. Some key points of CNAP include:

● establish the "Commission on Enhancing National Cybersecurity" - composed of top enterprises and technical experts, some of whom are appointed by Congress, to jointly draw up a 10-year roadmap of cybersecurity technology and policy development covering both public and private aspects, so as to promote various best practices. The plan will include: strengthening network security awareness, protecting privacy and public security, maintaining economic and national security and ensuring the United States has stronger digital security control capabilities, and promoting cooperation among federal, state and local governments and enterprises.

● dedicated $3.1 billion it modernization fund to upgrade government it and Cybersecurity management infrastructure that is obsolete or difficult to maintain. At the same time, the federal chief information security officer is established to supervise the implementation of these work by government departments. Its specific responsibilities include the development, management and coordination of network security policies throughout the federal government system, as well as the implementation of operations.

● strengthen the protection of online account, in addition to password, supplemented by fingerprint, SMS sending one-time password and other more security measures. Through the "national cyber security alliance", a new national cyber security awareness campaign was launched, focusing on multiple authentication, so as to enhance and cultivate the network security awareness of information consumers. The National Cybersecurity alliance is a non-profit organization. Its members include the U.S. Department of Homeland Security (DHS) and private enterprises such as Symantec, Cisco, Microsoft, SAIC and EMC. It calls for and encourages the use of multiple authentication mechanisms, as well as the implementation of an "effective authentication" scheme that has not yet been finalized. Partners include top technology companies such as Google, Facebook, Dropbox, Microsoft, and transaction services companies such as MasterCard, visa, PayPal, and venmo.

● in the 2017 fiscal year budget, the total expenditure on network security reached US $19 billion, an increase of 35% over the 2016 fiscal year.

(3) Set up "national network security Promotion Committee"

After more than 40 years of development, computer technology and the Internet have brought strategic advantages to the United States, its people and its allies. But if the basic problems of network security and identity cannot be solved, the dependence of the United States on digital infrastructure will become the source of strategic risk. To this end, it is necessary to understand and eliminate the root causes of network vulnerability, not just to solve existing problems, which requires long-term, national level solutions.

As a result, the president established the National Cybersecurity Promotion Committee, which includes strategic, business and technical experts from outside the government, as well as members of both parties appointed by the parliament. The Commission's task is to formulate detailed proposals for action in the next decade, including raising awareness of cybersecurity, enhancing the protection of private sectors and government departments, protecting privacy, maintaining public security, economic and national security, and making the United States better in control of security in the digital age. The committee will be fully supported by the National Institute of standards and Technology (NIST). The Commission will report findings and recommendations to the president by the end of 2016 and provide a roadmap for future action.

(4) Improve the national overall network security level

1. Strengthen the network security of the federal government

The federal government's cybersecurity capabilities have been greatly enhanced, but much remains to be done. In order to continue the progress and solve the systemic challenges faced by federal network security for a long time, it is necessary to review the traditional practices of federal government network security and information technology, which requires all departments to establish and maintain their own networks. These actions are based on the cybersecurity cross agency priority goals and the 2015 cybersecurity strategy and implementation plan.

● the president set up a $3.1 billion information technology modernization fund in the 2017 budget to scrap and replace the existing IT networks and systems that are in urgent need of modernization and are difficult to maintain and ensure security.

● set up the federal chief information security officer to supervise the network security policies, plans and implementation of federal government departments. This is the first time that the United States has established a full-time senior government position dedicated to the development, management and coordination of cyber security strategies, policies and operations across the federal government.

● require relevant departments to identify, prioritize and take special measures to improve the security of IT assets with the most value and risk.

● federal departments such as the Department of Homeland Security and the general affairs office should promote the availability of it and network security sharing services among government departments, with the goal of freeing each organization from building, owning and operating its own it facilities, providing more efficient, effective and secure choices, and protecting them from the most complex threats.

● expand "Einstein" project, i.e. the system scheme that homeland security uses to record and analyze network traffic and detect government network information. The president's 2017 budget supports these capabilities for all federal civil agencies.

● recruit the best network security talents from the federal government and enterprises, and increase the number of civil network defense teams under the Ministry of Homeland Security to 48. These teams will protect the civil network, system and data security of the federal government as a whole, realize the * * * test, actively track the * * * personnel, and provide security expertise and accident response services.

● the federal government will strengthen Cyberspace Security Education and national training, and employ more cyberspace security experts to ensure the security of federal agencies through the national Cyberspace Security Education Act, etc.

● as part of CNAP, the president's budget invests $62 million in cyberspace security personnel. This is mainly used for:

1) Provide scholarships to Americans who want to get cyber security education and work in the civil federal government through the establishment of the cyber Corps Reserve Program;

2) Set up core courses of network security to ensure that graduates of network security who want to work in the federal government have necessary knowledge and skills;

3) Strengthen the National Centers for academic excellence in cybersecurity program to increase the number of participating academic institutions and students, and enrich students' knowledge through the evolution of programs and courses;

4) Increase the number of universities and colleges covered by the National Center for excellence in cybersecurity, and link the amount of scholarships with the federal government's core cybersecurity courses and Cybersecurity level. In return, the recipient will be a participant in the government's cybersecurity program, thereby increasing the amount of student loans.

Its subsequent expansion includes running all government Internet traffic through a few centralized locations and monitoring it in cooperation with the * * * detection system. In addition, we will expand the Department of Homeland Security's continuous diagnosis and mitigation program to automate network risk assessment.

2. Improve personal network security protection ability

The privacy and security of the daily lives of all online Americans are increasingly tied to national security and economic conditions. The new action plan is based on the president's 2014 buysecure initiative to enhance consumer data security:

● the president called for multiple authentication when logging into an online account instead of just using a password. Private enterprises, non-profit organizations and the federal government work together to help more Americans achieve online security through a new round of publicity activities, focusing on the wide adoption of multiple authentication, the establishment of the concept of "one stop, two want to connect", and the implementation of the national strategy for trusted identities in cyberspace. The National Cybersecurity alliance will work with leading technology companies and civil society to make it easier for millions of users to secure their online accounts. This will enhance the public's understanding of the role of personal network security.

● in digital services for citizens, the federal government is strengthening multiple authentication and transparency. The U.S. Department of general affairs will establish a new program to better protect and protect data and personal information security, including tax data and benefit information interaction, when citizens go to federal government departments to handle affairs.

● government authorities are systematically assessing where the use of social security numbers as citizenship identifiers can be reduced.

● the Federal Trade Commission recently re launched the website, providing a one-stop resource service for victims to report identity theft, creating recovery plans for personal information, printing pre filled letters, and sending forms to credit agencies, businesses, and creditors.

● the Small Business Administration (SBA), together with the Federal Trade Commission, the National Institute of standards and Technology (NIST), the Department of energy, will provide cybersecurity training to 1.4 million small business and small business stakeholders through 68 SBA regional offices, nine National Institute of standards and Technology NIST manufacturing expansion cooperation centers, and other regional networks across the country.

The administration set up a milestone in the presidential secure purchase initiative to ensure the security of financial transactions. To date, the federal government has provided more than 2.5 million more secure chip and password payment cards, and the Treasury can manage all readers to complete the transition to this new technology. Led by the government and the private sector, the U.S. has released more secure chip cards than any other country in the world.

3. Enhance the security and resilience of key infrastructure

The national and economic security of the United States depends on the reliable operation of the country's critical infrastructure. Continued collaboration between owners of critical infrastructure and operators will improve network and national security. This work is based on the previous executive orders on critical infrastructure (2013) in 2013 and the executive orders on information sharing in 2015.

● the Department of homeland security, the Department of Commerce and the Department of energy are scheduling resources and capabilities to establish the National Center for cybersecurity resilience, where companies and industry organizations can test system security in a closed environment, such as the grid's ability to withstand the pressure of the network.

● the Department of homeland security will double the number of cyber security consultants to assist private sector organizations in conducting targeted cyber security assessments and best practices.

● the Department of homeland security is working with industry partners such as UL to develop Cyberspace Security Assurance program to test and prove the networking equipment in "Internet of things" - whether refrigerator or medical infusion pump, so that when users purchase products, they can be sure that it has been certified and meets the safety standards.

● the National Institute of standards and technology is soliciting feedback for further development of its cybersecurity framework. The goal of the framework is to improve cybersecurity of critical infrastructure, which has been organized in the United States and around the world for two years.

On February 8, the new national cyberspace security center of excellence was cut. It is a research and development platform for cooperation between the government and enterprises. It will develop and deploy high priority network security technology solutions, and share new discoveries with a wider community.

The administration called on major medical insurance companies and medical stakeholders to help them take new and significant steps to strengthen data management practices, ensure that consumers can trust them, and ensure that sensitive health data is safe, reliable and available to guide clinical decisions.

4. Promote the development of safety technology

Although the U.S. is now focusing on improving network defense, it must also invest heavily in science, technology, tools and infrastructure in the future to ensure that these technologies can meet the security requirements when applied in engineering.

The U.S. government released the 2016 federal cybersecurity research and development strategic plan. This plan is proposed in the 2014 cybersecurity Enhancement Act, which outlines the national strategic research and development goals of the United States, promotes scientific effectiveness and efficiency, and drives the development of cybersecurity technology.

(5) Stop, dissuade and destroy malicious acts in Cyberspace

Better protection of the digital infrastructure is only part of the solution. The United States must lead the international community in transforming these norms into the codes of conduct of responsible countries, including in the prevention and destruction of malicious acts. The US cannot achieve these goals alone - it must act with its allies and global partners.

In 2015, G20 Member States and the United States reached an agreement on important norms, including the applicability of international law in cyberspace. Governments should not support the use of Internet to steal intellectual property rights for commercial purposes. The United Nations group of governmental experts is welcome to issue relevant reports, strengthen international cooperation, prevent the use of civil infrastructure, and support the computer emergency response team to provide reconstruction and disaster recovery services Business. The United States government has attempted to implement these guidelines through further bilateral or multilateral commitments to confidence building measures.

The Department of justice, including the FBI, has increased its funding for cybersecurity operations by more than 23 per cent to improve its ability to identify, disrupt and arrest malicious network actors. The U.S. military's cyber command is building 133 cyber forces of 6200 people. The force has now begun to participate in a number of network operations and is scheduled to start full operation in 2018.

(6) Improve network event response capability

While paying attention to preventing and preventing malicious network behavior, the United States must also maintain the network recovery ability when the incident occurs. In 2015, the United States was subjected to a wide range of Internet crimes, from cybercrime to cyber espionage. Learning from the past can improve the future network security incident management and network recovery ability.

In the spring of 2016, the U.S. government will issue policies on cooperation in domestic cybersecurity incidents, as well as methods to assess the severity of incidents, so as to enable effective communication between government agencies and private enterprises and take appropriate and consistent responses.

(7) Protect personal privacy

Since the founding of the people's Republic of China, privacy has always been the focus of attention in the United States, especially in the digital era. The U.S. government has made a breakthrough in strengthening cooperation among federal governments to protect personal privacy and information security.

Today, the president has signed an executive order to establish the federal privacy Council, which will bring together privacy officials from all departments of government to help ensure the implementation of a more strategic and comprehensive federal privacy code. For example, network security and privacy must receive effective and sustained attention, promote technology research and innovation, take advantage of the benefits of big data, and deal with the evolving network threats.

(8) Increase investment in network security

In order to achieve these dramatic changes, the federal government must invest more resources in network security. That's why the budget allocation for cybersecurity exceeded $19 billion in 2017 - a 35% increase from 2016. These resources will enable institutions to improve their level of cybersecurity, help the private sector, organizations and individuals better protect themselves, disrupt and stop enemy activities, and respond more effectively to cybersecurity incidents.