White House cybersecurity coordinator Howard Schmidt will host a meeting Wednesday to discuss progress and ways to move forward on the cybersecurity agenda outlined by President Barack Obama in May 2009.
Among those expected at the meeting are Homeland Security Secretary Janet Napolitano, and Gary Locke, Secretary of Commerce and several industry representatives, including some from electric utility companies and the vendor community.
The goal of the meeting is "to discuss how the Obama Administration is doing with regard to the cybersecurity strategy that they laid out about this time last year," said Larry Clinton, president of the Internet Security Alliance (ISA), an industry trade group that has been invited to the briefing.
A key focus of the meeting is going to be on how to use economic incentives to stimulate and improve private sector cybersecurity, Clinton added.
In a White House speech last year, President Obama called on those involved in security issues at government agencies and in the private sector to devise a comprehensive strategy for improving cybersecurity.
He called for a greater focus on goals, management priorities and accountability. Obama also called for the development of a better cyber response capability and a bigger focus on building stronger public and private partnerships around cybersecurity.
Since that call to action, the administration has been moving in the right direction, Clinton said, pointing to milestones such as the appointment of Schmidt as White House Cyber security coordinator and the standing up of a centralized cyber command in the Department of Defense.
A recent White House memorandum clarifying the specific roles of the DHS, Office of Management and Budget and Schmidt's office in cybersecurity matters was also a big step in the right direction, he said.
What has been missing so far, and is therefore likely to receive considerable attention at the meeting, is the issue of how to use economic incentives, such as tax breaks and procurement incentives, to foster better cybersecurity in the private sector, Clinton said.
"I think we'd like to see more momentum built up with respect to the development of market incentives for the enhancement of private sector cyber security," he said.
Although the President has expressed support for such incentives, there has been little legislative action taken so far in this regard, Clinton said. In fact, some of the proposals in Congress have taken the opposite direction and have called for more mandates on the private sector, he said.
"The President has said he is opposed to more mandates. I am not sure if that message has been heard widely," he said.
It is unclear yet to what extent this issue will be discussed at Wednesday's cyber briefing, Clinton said. "It certainly will be my focus," he said.
Alan Paller, director of research at SANS Institute, a Bethesda, MD.-based security training and certification organization, said his pitch at Wednesday's meeting will be for concrete action around cybersecurity enhancements.
"It is time for dates and independently measurable targets for vulnerability reduction, traffic monitoring, software improvement, and identity implementation," Paller said.
"Far too many months have passed for another soft strategy document from DHS or the White House," he said.