recommended reading

Commerce announces new shop to oversee online security

The Obama administration is creating an office that will coordinate with the private sector to establish a secure pathway for people, organizations and computer programs to execute online transactions, Commerce Secretary Gary Locke announced on Friday.

The office will be part of a credentialing initiative outlined in President Obama's 2009 cyberspace policy review. Obama is expected to finalize the National Strategy for Trusted Identities in Cyberspace "in the coming months," Locke said. The system is intended to verify the identities of individuals, organizations and applications so they can have confidence in one another when exchanging personal or sensitive information.

"We need the private sector's expertise and its involvement in designing, building and implementing this identity ecosystem," Locke told executives in Silicon Valley at a forum sponsored by the Stanford Institute for Economic Policy; the National Science Foundation's Team for Research in Ubiquitous Secure Technology (TRUST); and industry groups TechAmerica, TechNet and the Churchill Club.

"To succeed, we will also need a National Program Office at the Department of Commerce that is focused on implementing the trusted identities strategy," he added.

The new program office also will collaborate with the Homeland Security Department and the General Services Administration to build consensus on regulations aimed at maintaining privacy, free expression and open markets, Commerce officials said. In addition, it will work with industry to identify areas potentially in need of new standards, and will encourage pilot projects to implement the trusted identities concept.

Locke and White House cyber czar Howard Schmidt, also in attendance, stressed the program will be voluntary and will not aimed at tracking the online movements of individuals.

"It's a world that has options," Schmidt said. "I don't have to get a credential if I don't want to. If I want to get a credential, I don't have to use it all the time. "

Locke said, "Let's be clear. We are not talking about a national ID card. We are not talking about a government-controlled system."

The problem the strategy is trying to address is the difficulty of memorizing dozens of passwords to securely engage in online activities, from banking to blogging. Schmidt noted many people use weak, obvious passwords so they don't have to worry about remembering so many; they don't change their passwords; and many use the same password for every website.

TechAmerica officials welcomed the announcement of a new point of contact in the executive branch for companies to provide feedback on this security approach.

"The government has clearly recognized that the tech industry must drive implementation of the national strategy," TechAmerica President Phil Bond said in a statement. "We call upon the government to establish an even stronger public-private partnership by creating a private sector advisory committee for the program office."

The office will be housed within Commerce's National Institute of Standards and Technology.

Sen. Barbara A. Mikulski, D-Md., chairwoman of the Appropriations Subcommittee on Commerce, Justice and Science, said in a statement: "I will be an active partner with Secretary Locke, NIST Director Gallagher and Cybersecurity Coordinator Schmidt to implement this important program. I can think of no better place than the National Institute of Standards and Technology for this important initiative to be housed."

Threatwatch Alert

Software vulnerability

Malware Has a New Hiding Place: Subtitles

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.