In his 2015 State of the Union Address, President Barack Obama mentioned the importance of improving America's cybersecurity and what he believes it will take to make it happen. Below is a review of the most interesting statements and initiatives mentioned in the address or recent media coverage, and the potential impact each could have on American Information Security.
It is safe to expect that information sharing between companies and federal organizations will become a more common practice. Several industries-- such as financial services and retail-- have already created robust information sharing organizations.
“No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families,” Obama said. “We are making sure our government integrates intelligence to combat cyber threats, just as we have done to combat terrorism."
It's intriguing to see any sort of parallel drawn between terrorism and cyber attacks. Obama called the Sony Hack an act of cyber vandalism back in December, and was careful not to call it a terrorist attack.
Some security experts believe it won't be easy to completely account for the details of a breach after a month, let alone disclose them to potentially affected parties. However, there is still support for the initiatives Obama is trying to pass. Congress discussed the national breach notification law for the first time on Tuesday, Jan. 27. The law is focused on how companies handle breaches once they've happened, not on trying to prevent them in the first place.
The UK and US have agreed to test each other's cybersecurity through a series of cyber war games in 2015.
Much like penetration tests and vulnerability scans, cyber war games let both sides "rehearse" their responses to an attack and see where their weaknesses are when it comes to a response. This move will help both countries be more prepared in the event of a major attack and it's good to see the government adopting more proactive security strategies.