White House Announces Creation of Cybersecurity National Action Plan and New Federal Privacy Council | Practical Law

White House Announces Creation of Cybersecurity National Action Plan and New Federal Privacy Council | Practical Law

The White House announced that it will implement a Cybersecurity National Action Plan designed to protect privacy and improve digital security, and establish a new interagency Federal Privacy Council to coordinate and improve federal privacy guidelines.

White House Announces Creation of Cybersecurity National Action Plan and New Federal Privacy Council

by Practical Law Intellectual Property & Technology
Published on 09 Feb 2016USA (National/Federal)
The White House announced that it will implement a Cybersecurity National Action Plan designed to protect privacy and improve digital security, and establish a new interagency Federal Privacy Council to coordinate and improve federal privacy guidelines.
On February 9, 2016 the White House issued a fact sheet detailing the Obama Administration's implementation of a Cybersecurity National Action Plan (CNAP). The CNAP directs the Federal Government to:
  • Establish a Commission on Enhancing National Cybersecurity (CENC).
  • Create a new Federal Chief Information Security Officer as part of a proposed budget increase of $3.1 billion to modernize the federal government's information technology.
  • Launch a National Cybersecurity Awareness Campaign.
  • Invest over $19 billion for cybersecurity as part of the 2017 Budget.
The CENC is tasked with making recommendations on actions that can be taken over the next decade to:
  • Enhance cybersecurity awareness and protections throughout the private sector and at all levels of Government.
  • Protect privacy.
  • Maintain public safety, along with economic and national security.
  • Empower Americans to take better control of their digital security.
The National Institute of Standards and Technology (NIST) will support the CENC. The CENC will report its findings and recommendations to the President by the end of 2016.
The Administration will also require federal agencies to improve their cybersecurity by:
  • Identifying and prioritizing their highest value and most at-risk IT assets, and take steps to improve their security.
  • Having the Department of Homeland Security, the General Services Administration, and other agencies increase the availability of government-wide shared services for IT and cybersecurity, to reduce the need for each agency to protect itself separately.
  • Increase funding for new cybersecurity scholarships and other training.
Further, the federal government will increase its efforts to prevent, respond to, and punish malicious cyber activity.
Finally, President Obama signed an Executive Order establishing a new interagency Federal Privacy Council to coordinate the development of Federal privacy guidelines and recommendations.