In a morning press event at the White House, President Barack Obama committed his administration to the security of the nation's networks and computers. Among the immediate priorities for the administration are creating a national strategy, developing strong relationships will key groups in the private and public sectors, building a framework for a unified response to cyber incidents, boosting cybersecurity research and development, and promote national awareness of cybersecurity issues.

"From now on, our digital infrastructure — the networks and computers we depend on every day — will be treated as they should be: as a strategic national asset," the president said. "Protecting this infrastructure will be a national security priority. We will ensure that these networks are secure, trustworthy and resilient."

In addition, President Obama plans to create a new office at the White House to be led by a special advisor, the Cybersecurity Coordinator, that will be part of a unified National Security Staff.

"I will depend on this official in all matters relating to cybersecurity," President Obama said. "And this official will have my full support and regular access to me as we confront these challenges."

The announcement, which came a month later than expected, contained few surprises and followed many of the recommendations of a non-partisan commission that called for a top-level advisor to the president on cybersecurity. With critical infrastructure still open to online attack and information of national importance regularly stolen by network intruders, experts have called for the United States to develop the equivalent of a Monroe Doctrine for the Internet, defining what constitutes its cyberspace and pledging to defend the nation's virtual borders. In February, the Obama administration announced its plans to assign Melissa Hathaway, a top cybersecurity advisor from the Office of the Director of National Intelligence, to oversee a review of the United States' cybersecurity efforts.

The new Cybersecurity Coordinator's office will create and manage the nation's strategy for strengthening computer defenses and work with the Office of Management and Budget to keep federal agencies focused on bettering this cybersecurity posture. In the event of a major cyber attack, the Coordinator will manage the response, the president said.

In the administration's 76-page Cyberspace Policy Review (pdf), ten near-term actions are listed. In addition to creating the top cybersecurity policy official, the Review calls for an update national strategy to secure information and communications infrastructure, create temporary working groups to review legal issues created by the policy, educate the public on cybersecurity issues, and prepare a cybersecurity incident response plan.

The Review also calls for a position to be created to review privacy and civil liberties issues created by the nation's cybersecurity policy. In his speech, President Obama stressed that securing the nation's networks does not mean monitoring its citizens.

"Our pursuit of cybersecurity will not — I repeat, will not — include monitoring private sector networks or Internet traffic," the president said. "We will preserve and protect the personal privacy and civil liberties that we cherish as Americans. Indeed, I remain firmly committed to net neutrality so we can keep the Internet as it should be — open and free."

The security industry mostly had good reviews of the president's policy announcement.

"It is gratifying to see the Obama Administration re-establish a strong White House presence for cyber security issues," Enrique Salem, president and CEO of Symantec, the owner of SecurityFocus, said in a statement. "In the six years since cyber security oversight and involvement was moved from the White House to other government agencies, the attacks have grown on an organized basis and have continued to intensify to the point where they are now a full-blown threat to national security and commerce."

Yet, others criticized the lack of detail in the announcement, particularly in how to improve the national response to cyber attacks.

"President Obama commented on information sharing on the what the cyber threat is, unfortunately there is not enough focus on where the threat is coming from, nor reducing the response time to those threats," Chris Schwartzbauer, senior vice president at Shavlik Technologies, said in a statement sent to SecurityFocus. "And the more information we get about where threats are coming from will help us better defend against them."

Schwartzbauer pointed to the Conficker virus as a good example of the shortcomings of the nation's response to threats. The private sector and the government were slow to share information on the worm, which infected millions of computers worldwide. Moreover, the success of the worm highlighted the lack of dedication to patching, he said.

President Obama underscored that creating a cybersecurity policy and improving network security will not be done in a year or even completed during his presidency.

"The task I described will not be easy," the president said. "Some 1.5 billion people around the world are already online, and more are logging on every day. Groups and governments are sharpening their cyber capabilities. Protection our prosperity and security in this globalized world is going to be a long, difficult struggle demanding patience and persistence over many years."

If you have tips or insights on this topic, please contact SecurityFocus.