The White House will issue Friday an executive order on computer security to prevent breaches of the sort that occurred with the release last year of hundreds of thousands of classified documents to the Web site WikiLeaks.
The order, coinciding with National Cybersecurity Month, replaces an outdated policy predating the Obama administration and caps a seven-month review of procedures for handling classified information.
The order directs agencies to designate a senior official to oversee classified information sharing and safeguarding for the agency and enshrines a number of measures the Pentagon and other agencies have announced, including the Pentagon’s disabling the “write” capability on most computers in the military’s secret-level classified network to prevent downloading classified data onto removable drives.
“Our nation’s security requires classified information to be shared immediately with authorized users around the world, but also requires sophisticated and vigilant means to ensure it is shared securely,” Obama’s order said.
The order, first reported by the New York Times on Thursday night, also creates an interagency task force headed by the attorney general and the director of national intelligence to detect and prevent leaks from government employees — what is known as the “insider threat.”
It also calls for a Senior Information Sharing and Safeguarding Steering Committee with responsibility for coordinating interagency efforts and ensuring that agencies are held accountable for carrying out the policies and standards.
The White House notes that agencies have made “significant progress” in shoring up security. The Pentagon, for instance, has begun to issue smart cards with special identity credentials required to log onto the secret-level classified network. The cards allow holders access to only those portions of the network that contain information relevant to their jobs.
The Pentagon is also piloting insider-threat technology developed by the National Security Agency and is developing an information-technology audit to identify suspicious behavior on all Department of Defense systems.