Black Hat Conference: Experts Develop Cybersecurity Recommendations For Next President

The Cyber Commission has loose ties with each of the remaining presidential campaigns, yet members admit they don't expect all of their recommendations to be followed.
A group of 40 former and current government cybersecurity experts has convened to put together a series of cybersecurity recommendations for the next U.S. president, members of the think-tank-sponsored Cyber Commission for the 44th President said Wednesday at the Black Hat security conference in Washington, D.C.

"This is no longer a boutique issue," said James Lewis, director of the technology and public policy program for the Center for Strategic and International Studies. "It has to be a part of the thinking about national security from this point on. This is one of the central issues for national security and we want to make sure it doesn't go away."

Though the Cyber Commission has loose, informal ties with each of the remaining presidential campaigns, members admitted that they don't expect all of their recommendations to be followed. The nine-month-long panel began its work a few weeks ago and hasn't yet come to any final recommendations. Since it is being run out of CSIS, it doesn't necessarily have the credibility of a government-mandated commission. But prominent members, including two sitting members of Congress and Jerry Dixon, former executive director of the National Cyber Security Division at the Department of Homeland Security, could give it some sway.

There are several key questions commission members said they want to address. For example, they want to define and flesh out a clearer command and control structure for federal cybersecurity, which doesn't necessarily include a cybersecurity czar. They also want to recommend standardization of technology procurement procedures across federal agencies and determine research and development priorities.

"The benefit of the commission is, it's really going to reorient and prioritize," Dixon said. "When something happens in the information security realm for government, we're often reactive. How do we get to proactive?"

Tom Kellerman, VP of security awareness for Core Security Technologies and a former cybersecurity exec at the World Bank, rattled off a number of statistics he said showed how urgent it is to create a cohesive cybersecurity policy for the country. He said the federal government has seen a 158% increase in successful cyberintrusions over the past year and that an FBI study found 108 countries were engaging in cyberespionage of some sort.

Editor's Choice
Brian T. Horowitz, Contributing Reporter
Samuel Greengard, Contributing Reporter
Nathan Eddy, Freelance Writer
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing