White House Commission on National Cybersecurity Launches With Distinguished Members

| Analysis

On April 13th, The White House announced that it has named the members of its non-partisan commission charged with making detailed recommendations on actions to ensure the public safety and empower Americans to take control of their digital security. The members have a strong and wide range of technical expertise and can be expected to make sound recommendations.


Backstory

On February 9th, President Obama issued an Executive Order, the "COMMISSION ON ENHANCING NATIONAL CYBERSECURITY." Section 3 describes the mission.

Mission and Work. The Commission will make detailed recommendations to strengthen cybersecurity in both the public and private sectors while protecting privacy, ensuring public safety and economic and national security, fostering discovery and development of new technical solutions, and bolstering partnerships between Federal, State, and local government and the private sector in the development, promotion, and use of cybersecurity technologies, policies, and best practices. The Commission's recommendations should address actions that can be taken over the next decade to accomplish these goals.

The membership of the commission would be appointed by the President.

April 2016

On Wednesday, April 13th, Special Assistant to the President and Cybersecurity Coordinator, Michael Daniel, announced the membership of the bi-partisan commission. "Today, we are pleased to announce that the President and the bipartisan Congressional leadership have selected the 12 individuals to serve on the Commission.  They are:"

  • Tom Donilon, former Assistant to the President and National Security Advisor (Chair)
  • Sam Palmisano, former CEO of IBM (Vice Chair)
  • General Keith Alexander, CEO of IronNet Cybersecurity, former Director of the National Security Agency and former Commander of U.S. Cyber Command
  • Annie Antón, Professor and Chair of the School of Interactive Computing at Georgia Tech.
  • Ajay Banga, President and CEO of MasterCard
  • Steven Chabinsky, General Counsel and Chief Risk Officer of CrowdStrike
  • Patrick Gallagher, Chancellor of the University of Pittsburgh and former Director of the National Institute of Standards and Technology
  • Peter Lee, Corporate Vice President, Microsoft Research
  • Herbert Lin, Senior Research Scholar for Cyber Policy and Security at the Stanford Center for International Security and Cooperation and Research Fellow at the Hoover Institution
  • Heather Murren, former member of the Financial Crisis Inquiry Commission and co-founder of the Nevada Cancer Institute
  • Joe Sullivan, Chief Security Officer of Uber and former Chief Security Officer of Facebook
  • Maggie Wilderotter, Executive Chairman of Frontier Communications

The statement continues, in part...

These 12 individuals will be charged with recommending bold, actionable steps that the government, private sector, and the nation as a whole can take to bolster cybersecurity in today’s digital world, and reporting back by the beginning of December. They will hold their first public meeting tomorrow at the U.S. Department of Commerce, where they will be joined by Secretary of Commerce Penny Pritzker, Assistant to the President for Homeland Security and Counterterrorism Lisa Monaco, and others to discuss the critical work that lies ahead for the Commission.

Observations

The makeup of the commission is interesting. The selection of a former director of the NSA, General Keith Alexander is good news, as well as Peter Lee, VP of Microsoft Research. Also notable is Patrick Gallagher, a former director of the National Institute of Standards and Technology. Given that these individuals, amongst the other distinguished members, are working in a bi-partisan way, it appears that the interests of all will be well explored and respected.

Meeting with the Secretary of Commerce Penny Pritzker is notable. The Secretary of Commerce is the cabinent member who signs off on the security of government purchased software. See: "Even the Federal Government Won’t Buy Apple Products That Don’t Meet Encryption Standards."

The timing is interesting. Given that rushed and alarming encryption legislation is already in progress, such as the Burr-Feinstein bill, it would seem expedient for the President's commission to move briskly. While ongoing results will probably be disclosed, it would seem expedient to have the final recommendations made this summer, not after the Presidential election in November. That timing seems problematic at first glance.

Finally, given the fact that only a handfull of members of Congress have computer science degrees, and the rest can be expected to drive encryption legislation on non-technical, political grounds, it's good to see the high level of technical expertise on the President's commission.

We can likely expect a substantive and respected set of recommendations from this commission. Whether those are followed is up to the rest of Congress.

_______________

White House image via Shutterstock.

Popular TMO Stories

Comments

vpndev

Why is Vint Cerf not on this list ??

And how about Bruce Schneier??

The existing list seems to be heavy on CEOs and their ilk, and light on advocates of privacy. Expertise is good but let’s not lose sight of independence of opinion. That is just as important, and lacking in the current board.

Jamie

I can’t help but notice that either, and that is actually the more alarming trend to me, there are already too many businesspeople making these kinds of decisions in my opinion (and no, I don’t feel that they are automatically a logical choice given how the world has evolved/is evolving. The point is for the conversation to include a variety of viewpoints and considerations, and every expertise comes complete with its own set of blinders).

Also, again I say: I myself do not have a computer science degree, yet none of these issues are a mystery to me (nor is modern technology). That to me is also a poor excuse for a variety of things.

I suppose it’s a start, but I’d prefer that our digital rights were folded into our regular old *rights*, rather than actually being kept something separate by law. My inner cynic is not jumping for joy at this news. wink

Scott B in DC

I agree with @vpndev, there are really no technical people on this commission. Most of these people are touches kissing politicians who couldn’t engineer themselves out of a wet paper bag. They don’t even know of the real problems those of us in the trenches face. This is why the state of information security is equivalent to the days when car manufacturers had to add 5 MPH bumpers. Just like those bumpers, it was a false sense of security… security theater… while the rest of the industry goes to hell in a hand basket.

And people want to know why I want to retire!

Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account