President Obama Makes Cybersecurity AppointmentFebruary 23, 2016
On Feb. 17, President Barack Obama appointed Tom Donilon to lead the Commission on Enhancing National Cybersecurity (CENC). Donilon previously served as National Security Advisor to the president. Former IBM CEO Sam Palmisano was also selected to serve on the CENC as Donilon’s deputy. President Obama created the CENC with an executive order on Feb. 9 and it will be housed within the Department of Commerce.
The CENC is tasked with making recommendations to the president on ways to increase cybersecurity in both the public and private sector. It will focus on actions which can be implemented over the next 10 years and is required to make recommendations, at minimum, on:
- How to better protect data in light of technological developments,
- Ensuring that cybersecurity is a core element of the technologies associated with the internet and cloud computing,
- Investments in research and development in cybersecurity, increasing the level of expertise in cybersecurity workforce across the economy, and
- Improving education of cybersecurity practices for the general public.
The CENC will be composed of no more than 12 members and further appointments are expected in the coming weeks. The Speaker of the House, Minority Leader of the House, Majority Leader of the Senate, and Minority Leader of the Senate are each able to recommend an individual to serve on the commission.
The CENC is not permanent, and pursuant to the executive order creating it, the commission will disband 15 days after it submits its report and recommendations to the president. That report detailing the commission’s recommendations to President Obama is due by Dec. 1, 2016.
NSBA supports strong government action to ensure the national IT infrastructure keeps pace with emerging technologies and evolving cyber threats. Small businesses are especially vulnerable to these cyber threats because they lack dedicated IT staff repair damage caused. In a recent NSBA survey, members indicated that over 40 percent of cyber attacks required more than three days to repair the damage done. Creating better IT infrastructure and programs to train IT professionals are necessary steps to ensure that small businesses are protected against these types of disruptions.