We got to hear that the President Obama is willing to compromise on the cyber security executive order, and is preparing to implement some of the provisions of the 2012 Cyber Security Act (CSA), after it failed to come to a vote in the Senate. After being circulated in various departments, a final draft is expected to come out that will include a major compromise to settle differences between those who want government to have free access to networks under attack, and those concerned about violations of privacy.
Meanwhile, the Huffington Post’s Richard Lardner reported that a draft copy of the cyber security bill is out that includes a concession sought by Sen. Ron Wyden (D-OR) to include provisions proposed in the CISPA. It will allow for the sharing of Internet traffic information between the U.S. government and private sector companies, but only those involving critical infrastructure such as transportation and the electrical grid. Other private firms, including social media, would not be under the same mandate. As per another provision, DHS will be in charge of the information-sharing network to distribute and “sanitized summaries of top-secret intelligence reports about known cyberthreats that identify a specific target.
Though President Obama looked quite concerned about the entire cyberthreats scenario, it doesn’t appear to be at the top of his agenda as during their debate on foreign policy, the president said the word “cybersecurity” only once.
“First, cyber is not as pressing an international issue as most of the crises pressing on the president’s time. No one has yet died from a cyberattack,” said Jason Healey, of the Atlantic Council, and a former White House security official. “Second, Romney did speak directly about pressuring China on intellectual property theft, which is the main cyber problem today.”
“To fix cyber issues we need to make it so that it is easier to defend than to attack, globally,” Healey said. “Sending a few tear line reports isn’t going to solve that, but it’s a start. Then again, if all we needed to make this happen was the say-so of the President, I wish we’d have done it 10 years ago.”
“Cybersecurity has been coming up as a problem for this administration,” HackANGLE editor, Kyt Dotson says, “because it’s an issue that has struck chords in the media and government. Critical infrastructure sits in a somewhat vulnerable place, but fears could too easily overwhelm rational attention to the subject matter. For the most part, infrastructure shouldn’t be as wired as it is (as quickly as it has been.) CISPA was a serious mistake in selling out privacy for security, which would have burned security, a compromise may be needed to allow this administration to look as if they’re ‘doing something’ while also allowing industry experts to prepare better examples of what needs to be done.”