Obama Addresses Cybersecurity

February 17, 2016

pic-techIn response to a number of high-level cybersecurity breaches in both the public and private sector over the past 18 months, President Barack Obama has recently taken steps to ensure that enhancing cybersecurity is top priority for his administration in the last year of his presidency.

President Obama’s Cybersecurity National Action Plan (CNAP) broadly outlines a number of programs designed to update the country’s aging IT infrastructure. Included in the CNAP are programs to establish a Federal Privacy Council designed to review how the government secures Americans’ personal information, creates a new Chief Information Security Officer position within the government, and establishes a commission to make recommendations on enhancing cybersecurity.

On Feb. 9, President Obama signed an executive order creating within the Department of Commerce a Commission on Enhancing National Cybersecurity (Commission). The Commission will be comprised of no more than 12 members and the members will be appointed by the president and congressional leadership will be allowed to recommend four individuals for membership on the Commission. The Commission will be tasked with developing recommendations which will increase development, promotion and use of cybersecurity technologies, policies, and best practices which can be implemented over the next ten years.

The executive order comes on the heels of President Obama’s final budget released on Feb. 9. In the FY2017 budget the president requested $5 billion in new funding across the government, bringing the total government budget for cybersecurity issues to $19 billion. It is a 34 percent increase over the amount appropriated by Congress for cybersecurity in 2016. Included in the budget request is $3.1 billion to modernize IT across the government and expand the use of shared services spanning various agencies.

NSBA supports strong action to promote cybersecurity throughout the economy. Small businesses are often prime targets for cyber attacks because they often lack dedicated IT professionals. In a recent NSBA survey, 42 percent of members indicated that they had suffered a cyberattack in the last 12 months. These attacks are costly and often take several days to resolve. On average, they cost small businesses $7,000 to resolve and when bank accounts are attacked, the average loss was more than $32,000.These are costs that small businesses cannot afford. NSBA looks forward to engaging the government while it rolls out its new programs to ensure that they adequately address small businesses concerns.