Skip to Content

What Obama’s Cybersecurity Strategy Leaves Out

In two new executive orders, the president makes no explicit mention of fighting terror and limits his administration’s privacy goals.
February 9, 2016

After a year of online megabreaches, President Obama on Tuesday proposed sharply increasing cybersecurity spending to $19 billion (from $14 billion) and released an executive order establishing a cybersecurity study commission.

The presidents proposals include retiring antiquated federal servers and IT systems and shaking up R&D efforts to ensure that next-generation technologies are more secure from the start.

But the plan has some big gaps. For one thing, while his new study commission includes a nod to national security in its mission statement, it does not explicitly include a mandate to create policies that will combat terrorists’ use of social networks for recruiting and spreading propaganda.

Obama recently addressed this topic by developing a counterterrorism task force and meeting with Silicon Valley titans. But his newly announced initiatives imply a continued reliance on private-sector companies to enforce their terms of service. Last week, for example, Twitter announced it was greatly ramping up efforts to shut down ISIS-supporting accounts. Blocking such accounts is something Twitter has been saying it’s been doing for more than a year.

President Obama at the National Cybersecurity and Communications Integration Center, Jan. 13, 2015.

Herb Lin, a cybersecurity and policy researcher at Stanford University, said the nation needs a “cyberstrategy” in addition to the kinds of  “cybersecurity strategies” we heard about today. In an interview, Lin said: “A national cybersecurity strategy is a perfectly fine thing to do. It’s just not comprehensive, in the sense that it does not include a lot of other things.”

For example, ISIS’s use of online social networks “is not cybersecurity in the sense of making your computer more secure, but it is a cyber issue,” he said. “And does the U.S. have a comprehensive approach, a policy approach, to deal with new technologies that pose a risk to privacy?”

The answer is no. Although a second executive order by Obama on Tuesday formed a privacy council, this body is concerned mainly with figuring out ways to safeguard data held by federal agencies. (Last year’s devastating hack on the U.S. Office of Personnel Management exposed the records of more than 21 million people.) 

Meanwhile, the political rumblings are ominous. Donald Trump—who is expected to win Tuesday’s Republican presidential primary in New Hampshire—recently advocated shutting down parts of the Internet to prevent young people from being recruited to travel overseas to fight for terrorist causes. 

“We’re losing a lot of people because of the Internet,” Trump recently asserted. One can only wonder what his cyberstrategy might include.

Keep Reading

Most Popular

A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook?

Robot vacuum companies say your images are safe, but a sprawling global supply chain for data from our devices creates risk.

A startup says it’s begun releasing particles into the atmosphere, in an effort to tweak the climate

Make Sunsets is already attempting to earn revenue for geoengineering, a move likely to provoke widespread criticism.

10 Breakthrough Technologies 2023

Every year, we pick the 10 technologies that matter the most right now. We look for advances that will have a big impact on our lives and break down why they matter.

These exclusive satellite images show that Saudi Arabia’s sci-fi megacity is well underway

Weirdly, any recent work on The Line doesn’t show up on Google Maps. But we got the images anyway.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.