Federal Cybersecurity Initiatives Timeline

Draft 1.b

An amended first cut at a list of Federal cybersecurity initiatives.  I intentionally left ousome of the purely ornamental functions (White House CTOs CIOs, NSTIC, etc.) or Departmental initiatives.  There are some recurring themes (military operations, critical infrastructure protection), a lot of organizational and governance efforts, and a few dead spots.  Rough count: Clinton: 4; Bush: 6; Obama: 17.  We'll continue to refine this.

Timeline: Federal Cybersecurity Efforts


1998       PDD63 - critical infrastructure (http://goo.gl/omfH05)

               Creation of CIAO/NIPC 

               Federal Computer Incident Response Center (http://goo.gl/481aiA)

1999       Encryption decontrol (https://goo.gl/aEb9iM)



2002       NSPD 16 - offensive cyber operations

2003       DHS (https://goo.gl/sJNZ3P)

               US-CERT (https://goo.gl/Gly3M0)

               HSPD-7 - critical infrastructure (http://goo.gl/DZyl84)

2004       NSPD 38 National strategy (https://goo.gl/OX7L7V)

2008       NSPD 54 Cybersecurity policy (CNCI) (http://goo.gl/7T7nYN)



2009       60 Day review (https://goo.gl/b5vK7Y)

               White House coordinator (https://goo.gl/cmbr9N)

               DHS Deputy Undersecretary for cyber (https://goo.gl/63ihOH)

               NCCIC (https://goo.gl/KEQ8tb)

               Cyber Command (http://goo.gl/XnRylS)

2010       National Cyber Incident Response Plan (http://goo.gl/PL53dG)

2011       International Strategy (https://goo.gl/vauxL1)

              Coordinator for International Cyber Issues (http://goo.gl/K075wE)

               DOD Strategy (http://goo.gl/8xIK3W)

2012       PPD 20 (military cyber operations)

2013       EO 13636 - critical infrastructure (https://goo.gl/A2ePX2)

2014       NIST Framework (http://goo.gl/83loue)

2015       EO Information Sharing (https://goo.gl/saV4WM)

               EO Cyber Sanction (https://goo.gl/bLUsOX)

               DOD Cyber strategy update (http://goo.gl/v8ld6p)

               Creation of CTIIC (https://goo.gl/XM5HKm)

2016       EO CNAP (https://goo.gl/EHfGUq)



2002      Homeland Security Act (https://goo.gl/xOJp8b)

              Federal Information Security Management Act (FISMA) (http://goo.gl/B4VH2Z)

2014      Federal Information Security Modernization Act (https://goo.gl/eG4nuc)

2015      Cybersecurity Information Sharing Act (http://goo.gl/C9G3Dr

James Andrew Lewis
Senior Vice President; Pritzker Chair; and Director, Strategic Technologies Program