Skip to Content

What Obama’s Cybersecurity Strategy Leaves Out

In two new executive orders, the president makes no explicit mention of fighting terror and limits his administration’s privacy goals.
February 9, 2016

After a year of online megabreaches, President Obama on Tuesday proposed sharply increasing cybersecurity spending to $19 billion (from $14 billion) and released an executive order establishing a cybersecurity study commission.

The presidents proposals include retiring antiquated federal servers and IT systems and shaking up R&D efforts to ensure that next-generation technologies are more secure from the start.

But the plan has some big gaps. For one thing, while his new study commission includes a nod to national security in its mission statement, it does not explicitly include a mandate to create policies that will combat terrorists’ use of social networks for recruiting and spreading propaganda.

Obama recently addressed this topic by developing a counterterrorism task force and meeting with Silicon Valley titans. But his newly announced initiatives imply a continued reliance on private-sector companies to enforce their terms of service. Last week, for example, Twitter announced it was greatly ramping up efforts to shut down ISIS-supporting accounts. Blocking such accounts is something Twitter has been saying it’s been doing for more than a year.

President Obama at the National Cybersecurity and Communications Integration Center, Jan. 13, 2015.

Herb Lin, a cybersecurity and policy researcher at Stanford University, said the nation needs a “cyberstrategy” in addition to the kinds of  “cybersecurity strategies” we heard about today. In an interview, Lin said: “A national cybersecurity strategy is a perfectly fine thing to do. It’s just not comprehensive, in the sense that it does not include a lot of other things.”

For example, ISIS’s use of online social networks “is not cybersecurity in the sense of making your computer more secure, but it is a cyber issue,” he said. “And does the U.S. have a comprehensive approach, a policy approach, to deal with new technologies that pose a risk to privacy?”

The answer is no. Although a second executive order by Obama on Tuesday formed a privacy council, this body is concerned mainly with figuring out ways to safeguard data held by federal agencies. (Last year’s devastating hack on the U.S. Office of Personnel Management exposed the records of more than 21 million people.) 

Meanwhile, the political rumblings are ominous. Donald Trump—who is expected to win Tuesday’s Republican presidential primary in New Hampshire—recently advocated shutting down parts of the Internet to prevent young people from being recruited to travel overseas to fight for terrorist causes. 

“We’re losing a lot of people because of the Internet,” Trump recently asserted. One can only wonder what his cyberstrategy might include.

Keep Reading

Most Popular

This new data poisoning tool lets artists fight back against generative AI

The tool, called Nightshade, messes up training data in ways that could cause serious damage to image-generating AI models. 

Everything you need to know about artificial wombs

Artificial wombs are nearing human trials. But the goal is to save the littlest preemies, not replace the uterus.

Rogue superintelligence and merging with machines: Inside the mind of OpenAI’s chief scientist

An exclusive conversation with Ilya Sutskever on his fears for the future of AI and why they’ve made him change the focus of his life’s work.

Data analytics reveal real business value

Sophisticated analytics tools mine insights from data, optimizing operational processes across the enterprise.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.