Obama’s Cybersecurity Proposal: One Small Step for Preventing a Data Breach

Recently, the Obama administration sent a cybersecurity plan to the Senate for debate. The proposal outlined the universal regulations that all organizations should be required to adhere to in the case of a data breach. The recommendations included:

  • The implementation of one system for all organizations to follow to share information about data breaches. In order to do this, the administration proposes that penalties are removed for organizations that report ongoing data breaches to the Department of Homeland Security.
  • An allowance for organizations to build data centers wherever they’d like, removing the current requirement in certain states that data centers must be built within their state of operation.
  • One governing cybersecurity law for all states to follow.

All of the recommendations outlined in Obama’s proposal are a step in the right direction, but most organizations want to prevent a breach or attack from happening in the first place. In addition, should a breach occur, it’s critical that immediate action is taken in order to reduce overall impact. Oftentimes when an organization turns to the government to take action against an attack, it’s already too late and data has been compromised on a large scale. An unfortunate recent example is Sony, when a data breach into one network turned into the second largest breach of all-time.


In an effort to assist organizations in developing a top-level offensive strategy, we’ve created a list of tips that all online businesses should implement as a guideline for fighting cybercrime and protecting their networks:


  1. Know your average website traffic and usage habits. Behavioral analysis tools will allow you to build a profile of your site’s normal traffic patterns. They’ll also create a behavior pattern of the users accessing online services
  2. Look for any deviations from the normal behaviors. Having a way to detect abnormalities will allow you to quickly see if a Botnet attack has occurred.
  3. Isolate the transactions of users who raise your suspicion. This will allow you to block the user at the network’s perimeter and give you time to analyze traffic or unusual transactions.
  4. Analyze the attack tool. This will enable you to identify weaknesses.
  5. Create an offensive. Create a method that will exploit the attack’s weaknesses to deactivate the tool wherever located, thus cleaning the ‘bad traffic’ end-to-end beyond the perimeter borders.
  6. Measure the effectiveness of the attack offensive. Assess the tools used to stop the botnet or intruder, and adjust if necessary.


Utilizing this strategy empowers organizations to take the proper steps in the case of an attack to ensure minimal damage.


What do you think of Obama’s cybersecurity plan? Is your organization taking the right steps to prevent a data breach or attack?


Carl Herberger

Carl is an IT security expert and responsible for Radware’s global security practice. With over a decade of experience, he began his career working at the Pentagon evaluating computer security events affecting daily Air Force operations. Carl also managed critical operational intelligence for computer network attack programs to aid the National Security Council and Secretary of the Air Force with policy and budgetary defense. Carl writes about network security strategy, trends, and implementation.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program


An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center