President Obama Releases Cybersecurity Review

UPDATE 6/4 – USACM issued this press release outlining its comments on the cybersecurity review. USACM Chair Eugene Spafford noted that while “the President hit many of the right notes in his remarks” the report missed “any emphasis on funding, tools or support for better law enforcement” as well as any discussion of research.

ORIGINAL POST – 5/29
Today the Obama Administration released its cybersecurity review, a 60 day review of federal cybersecurity activity headed by Melissa Hathaway and completed in late April. The report is available online, along with the remarks made this morning by the President. Additional material on the review can be found at http://www.whitehouse.gov/CyberReview/.

Reviewing the report, it seems clear that this is the first step in what may be a years-long process in shifting current federal cybersecurity efforts. The document is a roadmap more than a list of specific policy recommendations. The White House will be taking a more active role in this policy area, with a cybersecurity official based in the White House interacting with the national security and economic advisory groups that work with the President. Previously cybersecurity efforts at the federal level have been organized to emphasize national security and homeland security impacts, leaving economic concerns far behind. With the costs of bad cybersecurity increasing, this shift is a good sign.

Besides the changes in federal organization of cybersecurity, the report goes on to make general recommendations for increasing education and awareness in the public (both individuals and corporations), fostering pubic-private partnerships, and increasing information sharing about cybersecurity vulnerabilities. This last point has been a source of tension, and could be one of the larger challenges moving forward.

Federal Advisory Board Recommends Updates to Nation’s Privacy Policies

The Information Security and Privacy Advisory Board (ISPAB) recently released a report to the Director of the Office of Management and Budget (OMB) on the need to update the nation’s privacy policies. Since the Privacy Act of 1974, there has been little or no government-wide guidance on privacy. Individual agencies have been responsible for the privacy of their data, with widely varying results. That absence of guidance and the significant changes in technology since 1974 have prompted the ISPAB’s report. Their recommendations:

    Amend the Privacy Act and the E-Government Act of 2002 to:
    1) Improve government privacy notices
    2) Update the definition of a system of records to reflect changes in technology and use of data; and
    3) Clearly cover commercial data sources.

    Improve government leadership on privacy by:
    1) Establishing a government Chief Privacy Officer within OMB,
    2) Regularly update Privacy Act guidance,
    3) Hire Chief Privacy Officers at all agencies with Chief Financial Officers, and
    4) Establish a Chief Privacy Officers Council.

    Make other changes to privacy policies, including:
    1) Updating federal cookie policy,
    2) Issue privacy guidance on agency use of location information,
    3) Work with US-CERT to create interagency information on data loss across the government, and
    4) Public reporting on use of Social Security Numbers.

More details on each of these recommendations can be found in the report.

Federal Advisory Board Recommends Updates to Nation's Privacy Policies

The Information Security and Privacy Advisory Board (ISPAB) recently released a report to the Director of the Office of Management and Budget (OMB) on the need to update the nation’s privacy policies. Since the Privacy Act of 1974, there has been little or no government-wide guidance on privacy. Individual agencies have been responsible for the privacy of their data, with widely varying results. That absence of guidance and the significant changes in technology since 1974 have prompted the ISPAB’s report. Their recommendations:

    Amend the Privacy Act and the E-Government Act of 2002 to:
    1) Improve government privacy notices
    2) Update the definition of a system of records to reflect changes in technology and use of data; and
    3) Clearly cover commercial data sources.

    Improve government leadership on privacy by:
    1) Establishing a government Chief Privacy Officer within OMB,
    2) Regularly update Privacy Act guidance,
    3) Hire Chief Privacy Officers at all agencies with Chief Financial Officers, and
    4) Establish a Chief Privacy Officers Council.

    Make other changes to privacy policies, including:
    1) Updating federal cookie policy,
    2) Issue privacy guidance on agency use of location information,
    3) Work with US-CERT to create interagency information on data loss across the government, and
    4) Public reporting on use of Social Security Numbers.

More details on each of these recommendations can be found in the report.

White House To Try Online Brainstorming for Open Government

One of the earliest official actions of the Obama Administration was to issue a memorandum requesting a set of recommendations to inform an Open Government Directive. USACM has expressed interest in technical principles and standards that would support such an effort, and released a set of recommendations to that effect. In late May the White House set up an Open Government Blog and issued a request for public comment to inform this Directive. Comments can be sent in to the Open Government Blog, via email or regular mail, and are due June 19.

Supplementing this public comment period is a brainstorming session that will attempt to use a weblog and a wiki to crowdsource recommendations. The public could submit ideas online and vote on the best ideas. That phase closed today. Starting June 3 on the Open Government Blog the most compelling ideas will be posted for comment. Starting June 15 a wiki will be created to draft recommendations collaboratively. This last phase is a new development compared to other online collaborative efforts the Obama Administration has used (and the campaign before them). It remains to be seen how effective a wiki can be when opened nationwide.

Education Policy Hill Briefing Highlights Computer Science Education

A Hill briefing co-sponsored by the ACM Education Policy Committee, with the support of the House STEM Education Caucus and the Congressional Black Caucus covered the challenges and successes of computer science education at the K-12 level. The well-attended event (approximately 70 people) showcased a pilot program in the Los Angeles Unified School District that will soon be expanded into 20 additional schools. Education Policy Committee members Robert Schnabel, Chris Stephenson, and Joanna Goode spoke at the event, and Representative Vernon Ehlers also gave remarks to the assembled Congressional and agency staff.

Briefing Speakers with Rep. Ehlers

Schnabel set the stage for the event, describing how computer science education often falls through the cracks of the other STEM disciplines (science, technology, engineering and mathematics). Chris Stephenson discussed the problems computer science has had in establishing itself at the K-12 level. Standards for certifying computer science teachers vary widely from state to state, as does the classification of computer science courses (whether or not they count toward graduation requirements, and in what field). What can happen is that a computer science teacher may need to earn certification as a business teacher in one state, but a math or science teacher in another state. Where courses are concerned, computer science could be counted as a math course, a science course, or a course in some other subject matter. This makes it harder for students to plan their high school coursework. Additionally, if a student is seeking a college prep courseload, they aren’t likely to take a computer science course that is counted as an elective or otherwise won’t be credited as one of the math or science courses they need for graduation.
Continue reading “Education Policy Hill Briefing Highlights Computer Science Education”

NITRD Bill Amended to Increase Emphasis on Computer Science Education

Today the House passed by voice vote H.R. 2020, which is a bill to amend the High Performance Computing Act. Part of this law establishes the National Information Technology Research and Development Program, or NITRD. NITRD helps coordinate national efforts in computer science and information technology through strategic planning and other coordinating activities. The new bill reflects recent advances in computer science, and places a greater emphasis on NITRD supporting computer science education. Supporting documents of the House Science and Technology Committee, which has jurisdiction over the bill and NITRD, reiterate and expand on this emphasis on computer science education.

ACM’s Education Policy Committee submitted a letter in support of the bill. The committee appreciated several parts of the legislation, especially the parts intended to improve computer science education (Section 6 of the bill). The new bill requires that NITRD develop plans for improving the education pipeline for computer science and the diversity of students in that pipeline. What is even more encouraging is very strong language in the Committee Report on the bill. To quote directly, the House Science and Technology Committee “feels NITRD should play a key role in strengthening computer science education, particularly at the K-12 level.” From the report:
Continue reading “NITRD Bill Amended to Increase Emphasis on Computer Science Education”

ACM Co-Sponsors Hill Briefing on Education

On May 20th, ACM will co-sponsor a briefing on Capitol Hill with the House STEM Education Caucus and the Congressional Black Caucus. The event, “Bringing Innovative Computing Curriculum Across the Digital Divide,” will be held from 12-1:30 p.m. at B339 Rayburn House Office Building. The event is open to the public, but space is limited. If you are interested in attending, please send your R.S.V.P. to Vivian Chu (chu.vivian@hq.acm.org).

The briefing will cover the state of computer science education at the K-12 level and an exciting new computing curriculum and teacher preparation course funded by the National Science Foundation and Microsoft. These materials are focused on encouraging more participation by women and other underrepresented groups in computing, as well as brining high-quality computer science education to the K-12 level.

The speakers at the briefing are three members of ACM’s Education Policy Committee, which has focused on computing education at the K-12 level.

Dr. Robert Schnabel is the Dean of the School of Informatics at Indiana University
Dr. Chris Stephenson is the Executive Director of the Computer Science Teachers Association
Dr. Joanna Goode is an Assistant Professor at the University of Oregon, and one of the co-authors of the “Exploring Computer Science” course that is the focus of the briefing.

In addition, three members of Congress are expected to participate:

Rep. Vernon Ehlers (R-Michigan)
Rep. Eddie Bernice Johnson (D-Texas)
Rep. Danny Davis (D-Illinois)

Again, the event is open to the public. Please R.S.V.P. to Vivian Chu at chu.vivian@hq.acm.org.

ACM Washington Update, Vol. 13.4 (May 6, 2009)

CONTENTS

[1] Newsletter Highlights
[2] Proposed Legislation Would Expand Federal Reach Into Cybersecurity
[3] White House Cybersecurity Review Complete
[4] U.S. Government’s Chief Technology Officer Announced
[5] Federal Trade Commission Proposes Electronic Health Records Breach Rules
[6] President Obama Addresses The National Academies On His Policy Goals For Science
[7] President Obama Announces Key Advisors on Science and Technology
[8] About USACM

[An archive of all previous editions of Washington Update is available at
http://www.acm.org/usacm/update/]
Continue reading “ACM Washington Update, Vol. 13.4 (May 6, 2009)”