Announcing the President’s Commission on Enhancing National Cybersecurity

In February, the President announced a Cybersecurity National Action Plan (CNAP) to take a series of short-term and long-term actions to improve our nation’s cybersecurity posture.  A central feature of that plan is the non-partisan Commission on Enhancing National Cybersecurity, comprised of leading thinkers from business, technology, and academia and charged with making recommendations to the nation for actions that can be taken over the next decade to strengthen cybersecurity in both the public and private sector.

Today, we are pleased to announce that the President and the bipartisan Congressional leadership have selected the 12 individuals to serve on the Commission.  They are:

• Tom Donilon, former Assistant to the President and National Security Advisor (Chair)
• Sam Palmisano, former CEO of IBM (Vice Chair)
• General Keith Alexander, CEO of IronNet Cybersecurity, former Director of the National Security Agency and former Commander of U.S. Cyber Command
• Annie Antón, Professor and Chair of the School of Interactive Computing at Georgia Tech.
• Ajay Banga, President and CEO of MasterCard
• Steven Chabinsky, General Counsel and Chief Risk Officer of CrowdStrike
• Patrick Gallagher, Chancellor of the University of Pittsburgh and former Director of the National Institute of Standards and Technology
• Peter Lee, Corporate Vice President, Microsoft Research
• Herbert Lin, Senior Research Scholar for Cyber Policy and Security at the Stanford Center for International Security and Cooperation and Research Fellow at the Hoover Institution
• Heather Murren, former member of the Financial Crisis Inquiry Commission and co-founder of the Nevada Cancer Institute
• Joe Sullivan, Chief Security Officer of Uber and former Chief Security Officer of Facebook
• Maggie Wilderotter, Executive Chairman of Frontier Communications

These 12 individuals will be charged with recommending bold, actionable steps that the government, private sector, and the nation as a whole can take to bolster cybersecurity in today’s digital world, and reporting back by the beginning of December.  They will hold their first public meeting tomorrow at the U.S. Department of Commerce, where they will be joined by Secretary of Commerce Penny Pritzker, Assistant to the President for Homeland Security and Counterterrorism Lisa Monaco, and others to discuss the critical work that lies ahead for the Commission.

From the beginning of his Administration, the President has made it clear that cybersecurity is one of the most important challenges we face as a Nation.  For more than seven years, we have acted comprehensively to make progress towards three goals: 

          -- Raise the level of cybersecurity in both the public and private sectors. 

          -- Deter, disrupt, and interfere with malicious cyber activity aimed at the U.S. or its allies. 

          -- Respond effectively to and recover from cyber incidents.  

Recent accomplishments in pursuit of these goals include the Cyber Threat Intelligence Integration Center (CTIIC) attaining initial operating capability; reaching an unprecedented set of commitments with China’s President on cybersecurity; deploying strong authentication for 81 percent of accounts on federal systems; and implementing the Cybersecurity Act of 2015 to enhance cybersecurity information sharing and improve cyber-defense throughout the nation. 

On February 9, the President directed us to implement a Cybersecurity National Action Plan (CNAP).  Building off the foundation of work over the last seven years, this plan is aimed at both the Federal Government and broader digital ecosystem, and has both near-term and long-term components - things we can do right away and elements that will take several years to come to fruition. And it is intended to go after the underlying causes of our cybersecurity challenges, and not just the symptoms.   

We know, however, that many of the things we need to do will take time and involve a wide variety of changes, both within government and across society. That is why, in conjunction with the CNAP, the President also signed an Executive Order establishing the Commission on Enhancing National Cybersecurity.  

The Commission is tasked with making detailed recommendations on actions that can be taken over the next decade to enhance cybersecurity awareness and protections throughout the private sector and at all levels of Government, to protect privacy, to ensure public safety and economic and national security, and to empower Americans to take better control of their digital security. 

To identify the individuals to take on this task, the President and his team consulted closely with leaders in the fields of national security, cybersecurity, business, technology, academia, and elsewhere.  In addition, members of the bipartisan Congressional leadership each selected one individual to serve on the Commission, to ensure that there is broad support for the recommendations that are ultimately delivered to the nation. We congratulate the Commissioners on their appointments and look forward to supporting the Commission’s work.