Lest one question the severity of the evolving challenges in our rapidly growing cyber world, President Obama has crystallized it succinctly: (1) “cyber threat is one of the most serious economic and national security challenges we face as a nation;” and (2) “America’s economic prosperity in the 21st century will depend on cybersecurity.” In other words, President Obama has declared cybersecurity to be a national security priority.

While that’s obviously good news, the follow-up question is “how are we doing in meeting the associated demands?” Regrettably, not so well, it seems.

Speaking before cybersecurity and privacy experts from government, law enforcement, the private sector, academia and privacy and civil liberties groups, President Obama, Homeland Security Secretary Janet Napolitano, Commerce Secretary Gary Locke, Cyber Coordinator Howard Schmidt and other Administration officials uniformly acknowledged that far more work needs to be done to protect digital communications and information infrastructure and make it more difficult and costly for cybercrimimals.

According to the government’s progress report, published following the President’s address, one of the first steps to be taken is the implementation of a cybersecurity incident response plan, colloquially referred to as the National Cyber Incident Response Plan, which is in its final draft form and will be tested in September. The Plan is designed to ensure a coordinated national response in the event of a “significant cyber incident.”  At or about the same time, the Department of Homeland Security will introduce a cybersecurity program to raise public and private awareness. 

Beyond these efforts, the government recently released its National Strategy for Trusted Identities in Cyberspace, a proposed Internet identity authentication plan intended to improve online privacy and security.

The government’s progress report further notes that the Administration is working with other like-minded nations to build a framework for international cybersecurity policy as part of the United Nations Group of Governmental Experts on cybersecurity.  In this regard, cybersecurity diplomats and specialists representing 15 countries recently published a report presenting recommendations to the U.N. Secretary General for negotiations on an international computer security treaty.  The U.N report recommends five steps to improve cybercooperation and security, including improved communications and enhanced exchanges of ideas and information. Most promising, the signatories include Russia, China, Great Britain, France, Germany, Italy, India, and Israel.

Beyond governmental initiatives, the Administration has urged public and private industry to collaborate on solutions to protect the nation’s technology infrastructure. A key component of the government’s agenda is to facilitate the creation of a robust cybersecurity insurance market designed to motivate public and private industry to improve their own cybersecurity.  At present, there is no time frame or outline for this proposal. Still, the government’s public acknowledgement that the insurance industry needs to become a leader in finding solutions is a clear signal that far more needs to be done on that front as well.

In short, cybersecurity is a key element of the Obama Administration’s agenda. Insurance executives, underwriters, brokers and policyholders alike should seize the initiative and invest themselves in finding solutions. The incentives are obvious. The need is clear. The time is now.