Obama unveils US cyber security plan

President Barack Obama is calling for public awareness and education campaigns

President Barack Obama has outlined his plan to enhance cyber security protections in the US.

Obama issued a report on Friday to mark the conclusion of his 60-day security audit launched in February to assess the state of the country's IT security infrastructure.

The president said in the report that a new official position would be needed to work with government groups and private firms to help protect the country from an online attack.

Other recommendations in the report include public awareness and education campaigns, and appointing officials to ensure that privacy and civil liberties are preserved in security practices.

"To realise the full benefits of the digital revolution, users must have confidence that sensitive information is secure, commerce is not compromised and the infrastructure is not infiltrated," the report read.

"Nation states also need confidence that the networks that support their national security and economic prosperity are safe and resilient."

Early responses from the IT and security communities were largely positive. Phyllis Schneck, director of threat intelligence at McAfee, said that the report "marks the beginning of a new era of White House leadership in cyber security".

"We think this is a great first step, but there is even more hard work to be done," she added.

Meanwhile, Cisco's chief security officer, John Stewart, praised the administration for its willingness to work with the private sector.

"It's imperative that the public and private sector continue to collaborate, " he said. "The good news is that more organisations, companies and nations are working together to determine how to proceed, and provide leading practice guidance for the next generation to work, live and play safely in the online environment."

Not everyone was thrilled with the president's recommendations, however. Wayne Crews, vice president of policy for anti-regulation group the Competitive Enterprise Institute, warned that the creation of new official positions could impose bureaucratic restrictions on private IT networks.

"Policy makers should be suspicious of proposals to collectivise and centralise cyber security risk management, especially in frontier industries like information technology," he said.

"While government law enforcement agencies have a necessary role to play in investigating and punishing intrusions on private networks and infrastructure, government must coexist with, rather than crowd out, private sector security technologies."