Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Government The Almighty Buck United States News Technology

President Obama Unveils $19 Billion Plan To Overhaul U.S. Cybersecurity 185

erier2003 writes: President Obama on Tuesday unveiled an expansive plan to bolster government and private-sector cybersecurity by establishing a federal coordinator for cyber efforts, proposing a commission to study future work, and asking Congress for funds to overhaul dangerously obsolete computer systems. His newly signed executive orders contain initiatives to better prepare college students for cybersecurity careers, streamline federal computer networks, and certify Internet-connected devices as secure. The Cybersecurity National Action Plan also establishes a Federal Privacy Council (to review how the government stores Americans' personal information), creates the post of Chief Information Security Officer, and establishes a Commission on Enhancing National Cybersecurity.
This discussion has been archived. No new comments can be posted.

President Obama Unveils $19 Billion Plan To Overhaul U.S. Cybersecurity

Comments Filter:
  • Let me be clear (Score:5, Informative)

    by e r ( 2847683 ) on Tuesday February 09, 2016 @12:53PM (#51471143)
    "I only intend to improve the cybersecurity of the government while doing everything I can to undermine the security of regular peon-- er-- people."
    • Re:Let me be clear (Score:4, Insightful)

      by alvinrod ( 889928 ) on Tuesday February 09, 2016 @01:25PM (#51471565)
      Also, if it turns out to be anything like the healthcare.gov project, I question how effective it would be in terms of improving security.

      This sounds like a classic government program designed to funnel public money into the hands of a few private contractors or corporations. Remind me why the Republicans are opposed to this again.
      • classic government program designed to funnel public money into the hands of a few private contractors or corporations

        Fix the the problem and the games over...

        A young boy enters a barber shop and the barber whispers to his customer "This is the dumbest kid in town.... watch while I prove it to you." The barber puts a dollar bill in one hand and two quarters in the other, then calls the boy over and asks "Which do you want, son?" The boy takes the quarters and leaves. "What did I tell you?" said the barber. "That kid never learns!"

        Later, when the customer leaves, he sees the same young boy coming out of the ice crea

      • He knows he won't get his budget, so he's putting everything he can think of into it (for several years, congress didn't even pass a budget). Why not? It's a fantasy document.
  • Gridlock (Score:1, Insightful)

    by jriding ( 1076733 )

    Republicans reject it before it even comes out and refuse to read it.

    Because "Obama"

    • Re: (Score:1, Interesting)

      by Anonymous Coward

      Because "$19 Billion"

    • Republicans will say they will object to an bill from Obama, but they almost always fall in line and pass it. The Syrian ban was bi-partisan. This is why people are calling the republicans rinos, they pass the bills the right wing public doesn't want. So yeah, they say they wont, but they will fall in line and do it anyways.

    • Re:Gridlock (Score:4, Insightful)

      by rsborg ( 111459 ) on Tuesday February 09, 2016 @01:33PM (#51471661) Homepage

      Republicans reject it before it even comes out and refuse to read it.

      Because "Obama"

      Which is why when Sanders is elected president in November, I can look forward to more entertaining gridlock, proposals that aren't "Republican-lite". Because if gridlock from a Democratic president is all we'll get, we might as well get propose some nice socialist ideas and get some nice leftward Overton window movement.

      • Sander's isn't shy about saying that his movement doesn't end with him being elected. We'd pretty much need a full flush of congress.

        I'm pretty sure most can agree with that regardless of their opinion of Sanders.

        • by rsborg ( 111459 )

          Sander's isn't shy about saying that his movement doesn't end with him being elected. We'd pretty much need a full flush of congress.

          I'm pretty sure most can agree with that regardless of their opinion of Sanders.

          I'm not sure we'd need to replace all of congress, just the ones that are hopelessly corrupted by the establishment or outside money. It would be a hard slog. There's no viable Ron Paul candidate on the Republican side; they would all likely gladly sing the praises of the TPP, so it's pretty much the only option if you're against the corporatocracy.

    • This will probably be good for me and for people I know, since I'm in the information security field.

      That said, I hope the republicans take a look at what exactly he wants to spend yet another $19 billion on each year (assuming none of it goes over budget). Another healthcare.gov type government IT project isn't what we need, obviously. Even liberals could probably come up with better uses for those billions of dollars than cybercare.gov. ;)

      We'll see what all he wants to do. Hiring a CSO for the federal g

    • Good and evil (Score:5, Insightful)

      by Okian Warrior ( 537106 ) on Tuesday February 09, 2016 @01:56PM (#51471927) Homepage Journal

      Republicans reject it before it even comes out and refuse to read it.

      Because "Obama"

      Oh, be fair now...

      Remember that Obamacare website? How high quality was that?

      How about Obamacare itself? Did cementing health insurance companies into federal law fix any problems?

      How about closing Gitmo? How did that work out?

      Hell, how about his stance on telecom immunity [politifact.com]? How's that working out for us?

      Or making up new immigration law by executive order [usnews.com]?

      Or ordering the assassination of a US citizen [worldcantwait.net]? (With no trial, and by authority of a secret law.)

      Really. If you want to blame gridlock on the merits of the situation, then do so.

      Otherwise, to the casual observer it would appear that "because Obama" is a perfectly valid reason to oppose something.

      Because, you know, "good and evil".

      • by Ksevio ( 865461 )

        How about closing Gitmo? How did that work out?

        Otherwise, to the casual observer it would appear that "because Obama" is a perfectly valid reason to oppose something.

        But Gitmo is still open because Republicans opposed it, and it was literally the first thing he did as president.

    • And Democrats reject Republican bills before they come out. This isn't anything new.

      Have you noticed that, over the years, many Democratic and Republican candidates have said things like, "I will bridge the aisle to get things done." Guess what? It never works. People often believe that their own view on a topic is the only correct one and rarely put a significant amount of effort into understanding opposing views. Instead they watch news sources and read blogs that reinforce their own views. The belief
  • That the Republican Congress won't even take a look at the President Obama's final budget proposals. Nice talking point, though.
    • by Straif ( 172656 )

      Obama can't even get Democrats to take his budget proposals seriously. When Reid did bother with a budget he ignored almost anything proposed fro the White House and went his own way. It was the Republicans that would force Reid to table Obama's budgets for a vote and when they were brought up they generally couldn't get enough support for the yeas to play a game of Solitaire.

      2011: 97-0
      2012: 99-0
      and his most successful,
      2016: 98-1

  • First.... (Score:4, Insightful)

    by saloomy ( 2817221 ) on Tuesday February 09, 2016 @12:55PM (#51471173)
    They rule encryption is a form of a weapon, with restrictions on export. Then they want to ban encryption. Pray-tell, how is the govt going to certify anything as secure without the most robust encryption technologies and practices currently available? Or does it mean, certified backdoored?
    • LOL ... are you expecting a rational reconciliation between the fact that you can't undermine security and enhance security at the same time?

      For you and I, that would be cognitive dissonance. For people who think they can pass laws around technical problems, the wishful thinking just keeps going.

      Not understanding the technology makes it far easier to pass terrible laws about the technology and then fail to understand why those laws don't work.

      But, part of the problem is they fall short on some basic securi

  • So now, when people's computers get hacked, Republicans can "Blame Obama!" for that too?
  • by NotDrWho ( 3543773 ) on Tuesday February 09, 2016 @01:03PM (#51471267)

    Looks like your days are numbered, black hats!!

  • by VAXcat ( 674775 ) on Tuesday February 09, 2016 @01:07PM (#51471307)
    If you like your privacy, you can keep your privacy.
    • If you want to protect your privacy, you must register as a business entity — corporation or limited liability company — in a state that provides anonymity for owners (i.e., Wyoming or Nevada). Otherwise, anything you own in your own name is visible on public records.
    • Does the Heritage Foundation have a cybersecurity proposal that they've disavowed?

  • This is a tiny portion of an overall 4.1 Trillion dollar budget submitted to Congress -- a Congress, mind you that would never pass this budget because:
    A) Obama is a democrat
    B) Obama is black
    C) The budget has more spending than previous budgets.

    And frankly, even if the Congress was working with the president instead of against him, they are a bunch of arrogant incompetent do-nothings -- I personally thing our political gridlock has more to do with the likes of Louie Gohmert than with actual malice -- they a

  • Everybody on the gravy train! This is going to be 10x better than Y2K, and afterwards we'll have 2038 to cash in on.
  • Government: We suck at everything, but we'll excel at infosec!

  • by ErichTheRed ( 39327 ) on Tuesday February 09, 2016 @01:23PM (#51471537)

    Most of the "cybersecurity holes" can be tracked down to some contractor slapping in an insecure installation of -whatever- to do the bare minimum needed to keep the contract. This is what needs to be fixed -- contracts need to be monitored closely and terminated in cases of poor performance. Security is a human error thing mostly:
    - Not removing default passwords and accounts
    - Leaving ports open and services running that aren't necessary
    - Not keeping up with product versions and patch cycles
    - Leaving unencrypted disks full of data on trains or in cars that get broken into

    The problem is that even big companies can't manage to get this right, let alone government agencies. Big companies fall prey to the same mentality of just hiring contractors. Even the NSA did this -- if there was ever an organization that needed to do their own in-house IT, that's definitely #1 on the list. Employees will care about security when employers start demanding it.

    The solution, which is nearly impossible to implement, is to make everyone involved step their game up. Hire real, full time employees who are committed to the agencies' or companies' missions at a level slightly above "I can keep my job." Make sure everyone is trained and double-check work.

    • The solution, which is nearly impossible to implement, is to make everyone involved step their game up. Hire real, full time employees who are committed to the agencies' or companies' missions at a level slightly above "I can keep my job." Make sure everyone is trained and double-check work.

      That's the kind of security work I'm doing for government IT.

      • I recently witnessed a branch of a government agency completely dismantle it's technical security group. All the employees who specialized in technical security were moved into their corresponding technical groups. The theory that was bandied about was that those people would train everyone on security and it'd just become a part of everyone's job. This largely falls apart though when the person conducting a security audit is also the person responsible for fixing the holes and appeasing the customers by no

        • For the project I'm working, the full time employees tried to get the contractors fired and sabotage their work. In part because they were afraid that contractors might eventually replace them later on. Opposition died down after we prove that we could drive the successful remediation metric from 50% to 95% each month, and occasionally hit 99% from time to time. Now the fulltime employees can focus on the big problems that need remediation because they're not working in the trenches.
    • Comment removed based on user account deletion
    • I've worked for companies that had pretty much all full time employees, and a stable workforce that was probably too dedicated to their company. Yet they had security issues too. I found that over-management actually encouraged mistakes in coding, even if it was their intention to help.

      I think the real issue here is that we expect managers, whether they be government officials or actual managers, to motivate people into providing better security. The truth is that every year, more inexperienced people ent

    • Not to mention the decade long trend of replacing internal IT staff with contractors. That way you have very few IT internal staff that know anything about anything, and those that do have no time to do anything, and many of them are retiring. Because of "big government". When all it really amounts to is a game of legerdemain, you have a smaller "salary" footprint, but you probably spend twice that on consultants anyway, just to look smaller. When all your projects are done by consultants, what few internal

  • by Snotnose ( 212196 ) on Tuesday February 09, 2016 @01:37PM (#51471721)
    All he has to do is get the NSA to work for good instead of evil. Problem solved with no additional money spent.
    Oops, there's the problem. "No additional money spent" means a program will never get off the ground in Washington.
  • by Vasheron ( 1750022 ) on Tuesday February 09, 2016 @01:48PM (#51471829)
    No doubt this will turn into the F-35 of IT security: badly designed, poorly implemented, over budget, behind schedule, and ultimately ineffective.
    • No doubt this will turn into the F-35 of IT security: badly designed, poorly implemented, over budget, behind schedule, and ultimately ineffective.

      Like anything the government does.

    • ... badly designed, poorly implemented, over budget, behind schedule, and ultimately ineffective.

      Sounds like every other IT project I've ever seen.

  • And to save money, Wall Street stooge, President Obama, will be using only foreign visa replacement workers!

    You go, Obama, you go . . . .

    Recommended reading:

    Sold Out, by Michelle Malkin and John Miano

    Outsourcing America, by Ron Hira
  • by bradley13 ( 1118935 ) on Tuesday February 09, 2016 @02:03PM (#51471991) Homepage

    Great, yet another federal bureaucracy (actually, two) to get in the way and generally screw things up.

    Really, it's just another way to feed taxpayer funds to political friends, all under a "feel good" title.

  • If step one of his plan is not to fire all the idiots in charge and replace every single one with someone that has a MINIMUM 10 years experience on the ground with cybersecurity, then it's a failure.

    Law enforcement people are idiots when it comes to Cyber security, you need real people that know what the hell they are doing in order to be smart enough to make decisions and direct properly.

    Instead we get Executives that barely know how to lock a door properly put in charge and they make stupid decisions tha

  • For yet another big government pork project!

    Fuck Obama.

  • Meh, it's only money not counting what we already spend in this area. Hey, here's a nifty idea. With all the loopholes and private e-mails flying around with secure information, why not admit we failed and start over? That means get rid of the so called "experts" from Booze Allen et al. and at the NSA and replace it with the kind of infrastructure we need to protect our National Security. Oh and enforce the fucking espionage laws including those faux pas of those elected and un-elected officials who de

  • by erp_consultant ( 2614861 ) on Tuesday February 09, 2016 @02:20PM (#51472207)

    Another Executive Order? Is that the only way that things get done these days? Did Obama even bother to try to work with Congress? I think not. The only thing coming out of the Oval Office these days are EO's so the process is obviously being abused.

    I think we should change the rules on what Executive Orders are and how they can be used. Currently they are being used as a way to push forward whatever the President wants - regardless of what Congress votes on or what the majority of American citizens want. If Congress cannot come to an agreement on a bill then it should not become a law.

    If we are going to have a system of government where the President passes all the laws (and, by the way, an EO is NOT a law) then we should just abolish the Congress and have a King. Welcome to Indonesia West.

  • Comment removed based on user account deletion
  • You know whenever I hear "cyber" used, I know it is some US Government flunky who is using the term. Nobody calls it "cyberspace" anymore unless you're talking to senior citizens or the government. It's as jarring as listening to actors trying to sound "hip" on some 1960s filmstrip in school.

  • " and student loan forgiveness to help recruit top technical talent." Well, even if the next POTUS does roll this back, hopefully some of us can get into this program first and get some benefit from it.
  • I'm wondering what country's citizens will be getting the benefit of the work that comes from this.

"Never face facts; if you do, you'll never get up in the morning." -- Marlo Thomas

Working...