The commission was established in February by an executive order from the president. Its final report, released Thursday and made public Friday, laid out 16 recommendations for Obama’s administration and that of President-elect Donald Trump, who takes office in January.
The report identified potential vulnerabilities in the global supply chain of manufacturers, critical infrastructure and the “internet of things,” the growing array of connected consumer devices.
Moreover, the commission stressed that the US government depends on cyber tools just as much as private companies do. Its report explained that technological developments now outpace security and that cyber breaches could damage the economy, national security and civil liberties.
Obama has asked the commission to brief Trump at its earliest opportunity and encouraged his successor to use the report recommendations as a guide in governing.
The commission made a number of recommendations for the incoming administration, including the appointment of an “ambassador for cybersecurity” who would “lead US engagement with the international community” on relevant strategies, standards and practices.
Another recommendation is for US presidents to work with other countries to develop and promote global cybersecurity norms and behavior. The report suggested that the White House convene a summit of business, consumer and government leaders to plan and launch a national cybersecurity-awareness campaign.
To help consumers, the report said, an independent organization should develop the equivalent of a nutrition label for technology products and services, "ideally linked to a rating system of understandable, impartial, third-party assessment that consumers will intuitively trust and understand."
US officials have pushed for deeper cooperation between the government and private sector to combat cybersecurity threats and strengthen the industry.
Public-private efforts have been largely suspended since 2013 when former National Security Agency contractor Edward Snowden leaked government documents highlighting collaboration between the nation's spy agencies and private companies.
Defense Secretary Ashton Carter has been a leading supporter of private-public partnerships and international cooperation on cybersecurity, establishing joint efforts with both tech companies and foreign militaries.
Cybersecurity has been a concern across all levels of government in the United States, affecting federal regulation of the airline industry, individual states’ election systems, cities attempting to link public services, and beyond.
During the 2016 presidential election, state officials across the country cited worries about the vulnerability of voting systems, forcing the Department of Homeland Security to hire more than 120 cybersecurity professionals to deal with potential threats.
Outside of government, the US health care system is frequently targeted by hackers, who have been able to exploit vulnerabilities in old, insecure networks to steal patients’ medical records.
US banks have also proven vulnerable in recent years. Hackers have not only captured reams of personal data from banks, they have stolen billions of dollars, mainly by draining depositor accounts with stolen login credentials.
Commission Chairman Tom Donilon, a former national security adviser to Obama, urged Trump to proceed swiftly to implement the recommendations with the support of legislators and the private sector.
Additionally, Obama urged Congress to fund the cybersecurity measures laid out in his February budget request, a $19 billion package representing a more than 35 percent increase in spending on information-technology security, protection of critical infrastructure, and investment in the cybersecurity workforce.