The NSTIC at Two YearsThe release of the National Strategy for Trusted Identities in Cyberspace (NSTIC) by the White House in April 2011 put forth a monumental challenge: a call for a new private-public sector partnership to create an Identity Ecosystem, where all consumers could choose from a variety of credentials that would enable more secure, convenient and privacy-enhancing transactions everyplace they go online. Monday marked the two year anniversary of the NSTIC release, and we gathered at the National Cybersecurity Center of Excellence (NCCoE) in Maryland – as part of a broader event – to brief U.S. Senator Barbara Mikulski, NSA Director General Keith Alexander, Maryland Governor Martin O’Malley and others about the progress NSTIC has made toward catalyzing a marketplace for trusted identity solutions. This progress is due in no small part to the commitment and invaluable contributions of a broad range of stakeholders who have risen to meet the President’s challenge. Today, thanks to these partners, we can point to a number of milestones including:
“The simple fact is, we cannot know what companies have not been launched, what products or services have not been developed, or what innovations are held back by the inadequacy of tools, like secure passwords, long ago overwhelmed by the fantastic and unpredictable growth of the Internet. What we do know is this: by making online transactions more trustworthy and enhancing consumers’ privacy, we will prevent costly crime; we will give businesses and consumers new confidence; and we will foster growth and innovation, online and across our economy – in some ways we can predict, and in others ways we can scarcely imagine. Ultimately, that is the goal of this strategy.”But as powerful as the ideas in NSTIC are, its realization depends on continued robust public and private sector participation. For us, this means not slowing down. Going forward, the Federal government will continue to lead as an early adopter of NSTIC-aligned solutions with the rollout of the FCCX and additional grant funding for NSTIC pilot projects this summer. And with the marketplace responding to problems with passwords, as evidenced by firms like Google, Microsoft, Amazon and Apple starting to offer customers multi-factor authentication, the government will continue working to ensure individuals have choices that are privacy-enhancing, secure, interoperable, cost-effective and easy to use. For you, this means taking your seat at the table to help achieve shared goals of enhancing online choice, efficiency, security, and privacy. Without question, the most important forum for stakeholders to convene and collaborate on solutions to enable the Identity Ecosystem is the IDESG. We encourage you to learn more about the organization and register to attend its next meeting, May 9-10 in Santa Clara, Calif. where members will develop a work plan for the summer months, hear from the NSTIC pilot projects and see demonstrations of their progress, and, participate in a workshop to identify a set of use cases of the Identity Ecosystem in use in real world applications. For more on the IDESG, visit: http://www.idecosystem.org/. We appreciate the efforts so many of you have made over the last two years; we are truly making progress! We look forward to working more with you over the months and years to come as we drive material improvements in the way we enable trusted identities in cyberspace.