Step 10 is:
Build a cybersecurity-based identity management vision and strategy that addresses privacy and civil liberties interests, leveraging privacy-enhancing technologies for the nation.
Step 10 is definitely needed.
Step 10 mentions privacy which is generally more about collection and dissemination of sensitive and personally identifiable information (PII) than securing or protecting sensitive information. Privacy is generally more about People and Processes and security is generally more about Technology; however I think President Obama is smart to mention the need to build an identity management vision and strategy that addresses privacy and civil liberties.
I have to say….I am surprised that President Obama has not named the Cybersecurity Adviser yet. On May 29th, President Obama said he would personally pick a Cybersecurity Adviser and I was hoping by the time I got to Step 10 that President Obama would have made his pick known.
So for now, I will focus on Lessons Learned as my stack of Lessons Learned stories continues to grow taller and taller!
And just in case you missed the press release, be sure to check out Ira Somerson’s new book called “The Art & Science of Security Risk Assessment” as I was a primary contributor to Chapter 8 of the book regarding Human Factors.