Obama unveils US cybersecurity plan

The President issued a report last week to mark the conclusion of his 60 day security audit. Obama launched the investigation in February to assess the state of the country's IT security structure.

In the report, Obama said that a new official position would be needed to oversee the country's cybersecurity practices. Such an official would work with both government groups and private firms to help protect the country from an online attack.

Other recommendations in the report include public awareness and education campaigns, and appointing officials to ensure privacy and civil liberties are preserved in security practices.

"To realise the full benefits of the digital revolution, users must have confidence that sensitive information is secure, commerce is not compromised, and the infrastructure is not infiltrated," the report read.

"Nation-states also need confidence that the networks that support their national security and economic prosperity are safe and resilient."

Early response from the IT and security communities was largely positive. McAfee director of threat intelligence Phyllis Schneck said that the report "marks the beginning of a new era of White House leadership in cybersecurity."

"We think this is a great first step, but there is even more hard work to be done," said Schneck.

Meanwhile, Cisco chief security officer John Stewart praised the administration for its willingness to work with the private sector.

"It's imperative that the public and private sector continue to collaborate, " said Stewart.

"The good news is that more organisations, companies, and nations are working together to determine how to proceed, and provide leading practice guidance for the next generation to work, live, and play safely in the online environment."

Not everyone was thrilled with the President's recommendations, however. Wayne Crews, vice president of policy for anti-regulation group Competitive Enterprise Institute, worried that the creation of new official positions could create new bureaucratic restrictions on private IT networks.

"Policy makers should be suspicious of proposals to collectivise and centralise cybersecurity risk management, especially in frontier industries like information technology," said Crews.

"While government law enforcement agencies have a necessary role to play in investigating and punishing intrusions on private networks and infrastructure, government must coexist with, rather than crowd out, private sector security technologies."