The President’s Cybersecurity National Action Plan (CNAP) “directs the federal government to take new action now and fosters the conditions required for long-term improvements in our approach to cybersecurity across the federal government, the private sector, and our personal lives.” CNAP has four overarching components:
- Creation of the Commission on Enhancing National Cybersecurity, which will include “top strategic, business, and technical thinkers from outside of government…to make recommendations on actions that can be taken over the next decade to strengthen cybersecurity in both the public and private sectors” by, in part, fostering the discovery and development of new technical solutions and bolstering government-private sector partnerships to expand and improve cybersecurity technologies, policies and best practices.
- Modernize federal IT and “transform” federal cybersecurity practices. For this the President has proposed a $3.1 billion Information Technology Modernization Fund and has created the position of Federal Chief Information Security Officer to drive changes across the government.
- Empower Americans to secure their online accounts with multi-factor authentication.
- Invest $19 billion, proposed in the President’s FY 2017 budget, to “enable [federal] agencies to raise their level of cybersecurity, help private sector organizations and individuals better protect themselves, disrupt and deter adversary activity, and respond more effectively to incidents.”