National strategy is light on cybersecurity details

The National Security Strategy the White House released on Thursday emphasizes the importance of protecting cyberspace, but is weak on specifics, according to one observer.

In the security blueprint, President Obama acknowledged the need to pursue "new strategies to protect against ... challenges to the cyber networks that we depend upon." He said the United States will invest more in developing technology that better protects critical government and industry computer systems and networks. The strategy also calls on government, industry and international partners to work together to establish standards for combating cyber threats.

"It's encouraging that there is a section on cybersecurity," said James Lewis, director of the technology and public policy program at the Center for Strategic and International Studies, who noted the policy the George W. Bush administration released in 2006 included only one mention of cyber operations, and even then it was parenthetical.

Lewis said, however, that President Obama's plan for defending cyberspace lacked substance.

"It says partnership, people, research, but it could have just as well said faith, hope and charity," he said. "[I see] nothing new in this, and no path forward."

Lewis said the cybersecurity section of the document "is probably just a place holder while they come up with something else," perhaps in a separate document that mirrors the 2003 National Cyberspace Strategy.

In statement released on Thursday, House Homeland Security Committee Chairman Rep. Bennie Thompson, D-Miss., called the strategy "remarkable" for emphasizing the need to systematically address the cyber threat.