Skip to Content

What Obama’s Cybersecurity Strategy Leaves Out

In two new executive orders, the president makes no explicit mention of fighting terror and limits his administration’s privacy goals.
February 9, 2016

After a year of online megabreaches, President Obama on Tuesday proposed sharply increasing cybersecurity spending to $19 billion (from $14 billion) and released an executive order establishing a cybersecurity study commission.

The presidents proposals include retiring antiquated federal servers and IT systems and shaking up R&D efforts to ensure that next-generation technologies are more secure from the start.

But the plan has some big gaps. For one thing, while his new study commission includes a nod to national security in its mission statement, it does not explicitly include a mandate to create policies that will combat terrorists’ use of social networks for recruiting and spreading propaganda.

Obama recently addressed this topic by developing a counterterrorism task force and meeting with Silicon Valley titans. But his newly announced initiatives imply a continued reliance on private-sector companies to enforce their terms of service. Last week, for example, Twitter announced it was greatly ramping up efforts to shut down ISIS-supporting accounts. Blocking such accounts is something Twitter has been saying it’s been doing for more than a year.

President Obama at the National Cybersecurity and Communications Integration Center, Jan. 13, 2015.

Herb Lin, a cybersecurity and policy researcher at Stanford University, said the nation needs a “cyberstrategy” in addition to the kinds of  “cybersecurity strategies” we heard about today. In an interview, Lin said: “A national cybersecurity strategy is a perfectly fine thing to do. It’s just not comprehensive, in the sense that it does not include a lot of other things.”

For example, ISIS’s use of online social networks “is not cybersecurity in the sense of making your computer more secure, but it is a cyber issue,” he said. “And does the U.S. have a comprehensive approach, a policy approach, to deal with new technologies that pose a risk to privacy?”

The answer is no. Although a second executive order by Obama on Tuesday formed a privacy council, this body is concerned mainly with figuring out ways to safeguard data held by federal agencies. (Last year’s devastating hack on the U.S. Office of Personnel Management exposed the records of more than 21 million people.) 

Meanwhile, the political rumblings are ominous. Donald Trump—who is expected to win Tuesday’s Republican presidential primary in New Hampshire—recently advocated shutting down parts of the Internet to prevent young people from being recruited to travel overseas to fight for terrorist causes. 

“We’re losing a lot of people because of the Internet,” Trump recently asserted. One can only wonder what his cyberstrategy might include.

Keep Reading

Most Popular

DeepMind’s cofounder: Generative AI is just a phase. What’s next is interactive AI.

“This is a profound moment in the history of technology,” says Mustafa Suleyman.

What to know about this autumn’s covid vaccines

New variants will pose a challenge, but early signs suggest the shots will still boost antibody responses.

Human-plus-AI solutions mitigate security threats

With the right human oversight, emerging technologies like artificial intelligence can help keep business and customer data secure

Next slide, please: A brief history of the corporate presentation

From million-dollar slide shows to Steve Jobs’s introduction of the iPhone, a bit of show business never hurt plain old business.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.