Cyberspace is real and so are the risks that come with it, said Obama in remarks Friday at the White House in which he discussed threats to the nation's digital infrastructure from organized crime, industrial spies and international espionage.
Obama said he would name an official to coordinate cybersecurity policies across the government and organize a response to any major cyber attack.
I'm creating a new office here at the White House that will be led by the cybersecurity coordinator. Because of the critical importance of this work, I will personally select this official, said Obama. This official will have my full support and regular access to me.
Obama said his administration would not dictate cybersecurity standards for private companies but would strengthen public-private partnerships and invest in research to develop better ways to secure information infrastructure.
He also stressed the importance of privacy. Our pursuit of cybersecurity will not -- I repeat, will not -- include monitoring private sector networks or Internet traffic.
Holes in U.S. cybersecurity defenses have allowed major incidents of thefts of personal identity, money, intellectual property and corporate secrets. They also allowed a penetration of Obama's campaign.
What isn't widely known is that during the general election hackers managed to penetrate our computer systems, said Obama. Between August and October, hackers gained access to emails and a range of campaign files, from policy position papers to travel plans.
The cybersecurity review, headed by Melissa Hathaway, had urged the president to name a White House coordinator to oversee cybersecurity.
The report, requested by Obama in February, also urged the creation of a strong National Security Council directorate on cybersecurity with a privacy official attached to it.
Other recommendations included preparation of a national strategy to secure U.S. digital networks and stronger international partnerships to fight cybercrime and espionage.
The report said the government, in working with the private sector, should consider tax incentives and reduced liability in exchange for improved security, or increased liability for lax security.
Separately, the Pentagon is considering creating a command dedicated to cyberspace, under the umbrella of U.S. Strategic Command, but Defense Secretary Robert Gates had made no decisions yet, said Pentagon spokesman Bryan Whitman.
We view cyberspace as a warfighting domain that we have to be able to operate within, said Whitman.
FBR Capital Markets analyst Daniel Ives said Friday's announcement could presage a surge in spending on security software purchased from companies like Symantec Corp and McAfee Inc, both of which have some government sales. We've heard for so long the government was going to spend. Finally the ball is going to start rolling, said Ives.
John Stewart, Cisco's chief security officer, said some of the important next steps would be on the international stage.
There's going to be a need for massive international cooperation in all this, he said. This will show up in varying venues, (like) trade negotiations.
Phillip Dunkelberger, president of security company PGP Corp, said he was hoping for concrete steps to secure the U.S. digital network -- for example, some idea of what the next generation of security architecture would look like.
The cybersecurity report was posted at: http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Re view_final.pdf
(Additional reporting by Andrew Gray in Washington and Jim Finkle in Boston; Editing by Tim Dobbyn)