Four Presidents on Network Security
The First Cybersecurity Czar
President Clinton created the first National Cybersecurity Coordinator position, often called the Cybersecurity Czar, who was responsible for helping the Federal government devise strategies and implement policies to help the nation and its allies from cyberattacks from state and non-state actors. Clinton’s gathered intelligence made him and his advisers aware that cyberwarfare could be a devastating action across the country, particularly as Americans grew more dependent on computers and the internet of things (IoT), as well as the possibility of an adversary gaining control of critical infrastructures that could further damage the United States. Although many analysts applaud President Clinton for attempting to address public and private sector needs of cybersecurity, many would also suggest that his administration could have invested more time and resources into developing and implementing policies that the Federal government could recommend to private companies and technology users around the world. However, many agree with the measures taken by President Clinton. In addition to addressing more network security, the OSI model and TCP/IP remained popular protocols during his administration but did not receive an updated model to replace them; therefore, they both represent the two most essential components of building and securing computer networks today.
Department of Homeland Security (DHS)
President Bush did not introduce new policies to enhance security measures like the OSI model and TCP/IP; however, after the attacks on 9/11, he created the Department of Homeland Security (DHS) which aimed to address American’s domestic security needs, including on how to secure networks and defend them to protect companies and American citizens. President Bush divided the responsibilities for addressing cybersecurity professionals in the following way: information security analyst within the United States would collaborate with the Department of Homeland Security, while analyst who need to investigate international instances of cyberwar will do so with the assistance of the Department of Defense. President Bush received praise for the designation of these two departments, as for the first time in American history, the nation had a sound strategy for implementing offensive and defensive cybersecurity efforts.
Sharing Information on Network Security
President Obama continued the Bush strategy of having two departments to handle cybersecurity efforts. However, he began to develop an executive order that would allow the Federal government to make recommendations to private companies and individuals on how to secure their networks. The executive order particularly sought to find areas in which nations can collaborate on network security especially when they share resources or critical infrastructures. The executive order 13636 has become a part of the American Cybersecurity Strategy in 2014, and has become a model framework in which other nations have adopted over time. It is noteworthy to underscore that President Obama created the law through executive order rather than submitting a bill to congress, as cybersecurity remains an issue that both major political parties in the United States often reject proposals for; the 2014 NIST Framework enforced the following procedures:
• Provide an evaluation and analysis of the organization’s current ability to carry out cybersecurity efforts.
• Set clear objectives on which area of cybersecurity the organizations would like to improve and in what allotted time.
• Continue to update technologies and train professionals who will be responsible for monitoring and prioritizing networks.
• Implement a method of measuring the progress the company has in achieving its cybersecurity goals.
• Communicate with federal, state and international institutions on cybersecurity best practices and experiences with particular threat agents.
Interdependency
One of the most important aspects of the 2014 NIST strategy is that it urges countries with interdependent resources and critical infrastructures to form a dialogue to help them better prepare for cyberwar in the future. Since international communication has been increased more nations are starting to implement the OSI model and TCP/IP according to American standards.
Policy for 2018-2020
Even though President Trump has eliminated the Cybersecurity Czar position, the President has introduced his own strategy going forward in September of 2018 which seeks to accomplish the following:
• protect the American people, homeland, and the American way of life,
• promote American prosperity,
• preserve peace through strength,
• and advance American influence.
President Trump appears to be building on the concepts created by his predecessors particularly areas of his policies that encourage public and private institutions to share their experiences with cyberattacks and collaborate on using the OSI Model and TCP/IP together in order to reduce the occurrence of cyberattacks in nations that are collaborating to protect citizens and critical infrastructures. The Trump administration has continued domestic and international policies that impact network security in the United States, Canada and other nations.