This past week in San Fancisco, "Cyber Czar" Howard Schmidt announced the Obama Administration’s approach to confronting the cyber-threats against U.S. infrastructures. Many of the strategies outlined in the Comprehensive National Cybersecurity Initiative ("CNCI") were designed to enhance the Government’s objectives of, (1) establishing a front line defense against today’s threats to our cyber-infrastructure; (2) enhance counter-intelligence capabilities; and (3) strengthen the future of the cyber-security world. The Initiatives specifically address how the Federal government will handle the problem of cyber-related issues. However, there is some good insight and guidance that many public and privately held organizations, including non-profits, could use in the takeaway.
The most important initiative in the CNCI is "Initiative 8 – Expand cyber education." Here, the Department of Homeland Security concludes that "[w]hile billions of dollars are being spent on new technologies to secure the U.S. Government in cyberspace, it is the people with the right knowledge, skills, and abilities to implement those technologies who will determine success. However there are not enough cybersecurity experts within the Federal Government or private sector to implement the CNCI, nor is there an adequately established Federal cybersecurity career field. Existing cybersecurity training and personnel development programs, while good, are limited in focus and lack unity of effort. In order to effectively ensure our continued technical advantage and future cybersecurity, we must develop a technologically-skilled and cyber-savvy workforce and an effective pipeline of future employees. It will take a national strategy, similar to the effort to upgrade science and mathematics education in the 1950’s, to meet this challenge." This ultimately is what data governance means, not only is the establishment of technology and processes important to a sound data governance program, but ensuring that the PEOPLE make the policy a living, breathing behavior that is a part of the corporate culture.
To read more about the CNCI, please click here: The Comprehensive National Cybersecurity Initiative