Author: Bradford Willke, Director (Acting), Stakeholder Engagement Division
On May 11, 2017, the President issued Executive Order (EO) 13800, “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” calling for “resilience against botnets and other automated, distributed threats.” The President directed the Secretaries of Commerce and Homeland Security to “lead an open and transparent process to identify and promote action by appropriate stakeholders” with the goal of “dramatically reducing threats perpetrated by automated and distributed attacks (e.g., botnets).”
The Departments of Commerce and Homeland Security worked jointly on the effort, publishing the report on Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats, known as the Botnet Report, in May 2018. Based on input from stakeholders across industry and government, the report called for the federal government to clearly delineate priorities for action. The initial Botnet Road Map (road map), published in November 2018, laid out actions that could dramatically reduce the threat of botnets and similar attacks, consistent with Administration priorities as set forth in the National Cyber Strategy.
As a follow-on to these actions, today the Commerce Department released the Botnet Road Map Status Update. The document provides a status update on efforts across the ecosystem to enhance the resilience of the Internet against distributed, automated attacks and can be found here: https://www.commerce.gov/news/reports/2018/05/report-president-enhancing-resilience-against-botnets.
The Departments of Commerce and Homeland Security continue to welcome interest from members of the private sector who wish to contribute to an action in the Botnet Report. Many of the road map actions should be led by industry, academia, or civil society. Where applicable, this road map identifies existing private-sector leaders or governance structures for the relevant tasks. Where existing bodies are already pursuing related actions, or already represent key communities, they are encouraged to lead. Government has the power to convene and will do so, but achieving the outcomes set forth in the Botnet Report will require industry and civil society engagement from across the ecosystem. The identified tasks and associated information should be seen as non-binding and flexible to accommodate changes in the digital ecosystem over time.