White House Orders New Computer Security Rules (Updated)

The White House plans to issue an executive order on Oct 7 to replace a flawed patchwork of computer security safeguards exposed by the disclosure of hundreds of thousands of classified government documents to WikiLeaks last year.

The order by President Obama culminates a seven-month governmentwide review of policies and procedures involving the handling of classified information, and recommendations on how to reduce the risk of breaches. The directive enshrines many stopgap fixes that the Pentagon, the State Department and the Central Intelligence Agency made immediately after the initial WikiLeaks disclosures last November. Since then, for instance, the military has disabled 87 percent of its computers to prevent people from downloading classified data onto memory sticks, CDs or DVDs. The order creates a task force led by the attorney general and the director of national intelligence to combat leaks from government workers, or what the White House calls an “insider threat.” The directive also establishes a special government committee that must submit a report to the president within 90 days, and then at least once a year after that, assessing federal successes and failures in protecting classified information on government computer networks.

Computer security analysts say these safeguards, as well as others in the executive order aimed at bringing greater consistency and accountability to information sharing and protection policies, are long overdue, and lag behind what is routine in the private sector.

Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information
http://www.whitehouse.gov/the-press-office/2011/10/07/executive-order-structural-reforms-improve-security-classified-networks-

Fact Sheet
http://www.whitehouse.gov/the-press-office/2011/10/07/fact-sheet-safeguarding-us-governments-classified-information-and-networ