In a major speech on national security yesterday at Purdue University, Barack Obama highlighted the need to face new threats and not continue “fighting the last war.” Loose nukes, bio-terrorism, and cybersecurity were the three themes. Originally posted by Bruce McConnell on governmentfutures.com 2008.

The fact sheet accompanying the speech included a set of strategic proposals (see below) that address both privacy and security in a balanced fashion. These proposals bear careful evaluation, but clearly suggest a broader scope than the current Administration’s “Comprehensive National Cybersecurity Initiative.”

The encouraging news is that the most visible leaders in both parties, Bush (no word from McCain) and Obama, have officially recognized the critical national need to invest in cybersecurity. Obama’s engagement in the topic is real, as related in a very readable first-person account of the event by Purdue’s Gene Spafford, executive director of CERIAS, the cybersecurity center of excellence referred to by Obama. At this rate, the Nation may actually be able to get ahead of this continually evolving threat to the very assets that make us competitive and strong in the world.

Here is a summary of the specific proposals, taken from the fact sheet issued on July 16, 2008.

Summary of Barack Obama Cybersecurity Proposals

from “Confronting 21^ST Century Threats” — July 16, 2008

MAKE CYBER SECURITY A TOP FEDERAL PRIORITY

Strengthen Federal Leadership on Cyber Security: Declare the cyber infrastructure a strategic asset, vital to national security and the global economy, and develop and deploy systems to protect it. Develop tight standards for securing America’s personal information. Establish the position of national cyber advisor who will report directly to the president and will be responsible for coordinating federal agency efforts and development of national cyber policy.

Invest in Education in Math and Science.

Initiate a Safe Computing R&D Effort: Support an initiative to develop next-generation secure computers and networking for national security applications.

ENSURE AMERICA’S NATIONAL SECURITY

Harden our Nation’s Cyber Infrastructure: Work with industry and academia to develop and deploy a new generation of secure hardware and software for our nation’s critical cyber infrastructure.

Develop a Comprehensive Cyber Security and Response Strategy: Develop a Cyber Security Strategy that ensures that we have the ability to identify our attackers and a plan for how to respond that will be measured but effective.

ENSURE AMERICA’S ECONOMIC AND PERSONAL SECURITY

Protect the IT Infrastructure That Keeps America’s Economy Safe: Work with the private sector to establish tough new standards for cyber security and physical resilience for critical infrastructure.

Prevent Corporate Cyber-Espionage: Work with industry to develop the systems necessary to protect our nation’s trade secrets and our research and development.

Develop a Cyber Crime Strategy to Minimize the Opportunities for Criminal Profit: Shut down the mechanisms used to transmit criminal profits by shutting down untraceable Internet payment schemes. Initiate a grant and training program to provide federal, state, and local law enforcement agencies the tools they need to detect and prosecute cyber crime.

Mandate Standards for Securing Personal Data: Ensure that the privacy of personnel data in computer systems is better protected. Partner with industry and our citizens to secure personal data stored on government and private systems. Institute a common standard for securing such data across industries.

Require Companies to Disclose Personal Information Data Breaches: Back strong legislation to protect the rights of individuals in the information age, similar to laws in California and other states.