Today the White House dropped a massive Cybersecurity National Action Plan that aims to upgrade online security and privacy for the government, corporations, and regular citizens. The plan includes an executive order to create a Federal Privacy Council, a job description for the new title of Chief Information Security Officer, and requests $19 billion in extra funding. The president's plan pulls tech companies into the federal policy process, with some of the biggest—including Dropbox, Facebook, Google, Intel, Microsoft, RSA, and Twitter—already voicing support.
Many parts of the plan deal with big government programs such as securing infrastructure from hackers, but there are several aspects you could encounter in everyday life:
Multifactor authentication: The plan pushes adoption of logins that require more than typing "Password123." Multi-factor authentication—often called two -step verification—requires a second proof of identification beyond a password, such as tapping the fingerprint reader on new smartphones or receiving a text message with a security code to enter. Big tech services including Facebook, Google, Twitter and Dropbox already offer two-step verification, but the White House's plan aims to make it more widespread, including for federal services.
Better government websites: The president is asking for $3.1 billion to modernize federal IT systems. He also wants to create shared government IT services so that each agency doesn’t have to develop its own system. If it works, this could lead not only to better privacy and safety on federal government sites but also to a more efficient process for things like getting information on taxes or applying for government benefits.
Less typing of Social Security numbers: The White House wants to move away from using Social Security numbers to identify people, since these digits also help identity thieves do their work. (If you are already a victim, you can tap into the government's updated IdentityTheft.Gov site to report a theft and get help with steps like contacting credit bureaus and debt collectors).
Cybersafety stickers on gadgets: You know those UL (Underwriters Laboratories) stickers on electronics saying that they have been certified as safe—such as not prone to catching fire? The president's plan will expand UL and other certification programs into a Cybersecurity Assurance Program that tests and verifies the security from hacking of connected Internet of Things devices such as kitchen appliances and medical equipment.
Job and education opportunities: Looking for work and good benefits? Obama plans to hire security pros in several places, such as to fill out new civilian cyber defense teams at the Department of Homeland Security and to build 133 teams in the Cyber Mission Force that protect the government and infrastructure against hack attacks. The plan would add tens of million of dollars to fund scholarships in cybersecurity education for people who want to join the government initiatives. It will also offer student loan forgiveness to entice recruits.
Enticing talent could be a challenge though. The hottest new job proposed is the Federal Chief Information Security Officer to oversee the revamping of government IT programs. The position will pay between $123,175 and $185,100—roughly the compensation range for a standard Google software engineer.