Report: White House Readying CyberSecurity Executive Order


There are reports that the Obama administration is preparing to utilize an executive order that will push forward a cybersecurity plan.  The order would come as a response to legislation on cybersecurity has been in Congressional limbo.  The report states that the order is in draft and is being reviewed by a number of federal agencies.

Reportedly, this draft is somewhat brief, but is designed to allow elective participation by companies that are running computing infrastructures.  The alleged program addresses a number of cybersecurity standards and best practices that the companies would follow.  This would all be under the direction of the Department of Homeland Security (DHS).  Undetermined still are a number of incentives aimed at getting participants.

The executive branch is limited when it comes to the types of incentives it can offer companies, as much of that authority rests with Congress. For instance, the executive branch is barred from offering companies liability protection if they face lawsuits after a security breach.

The Congressional holdup revolves around the amount of regulation that have been thus far been proposed in similar bills.  The DHS is also a lightning rod for political controversy, with detractors pointing to a mixed history of running the TSA and border enforcement.

A national cybersecurity plan is something that is long overdue.  The matter however has proven to be quite complicated as criticism against the creation of yet another executive agency or handing over to an already tremendously reaching agency mounts.  Others still fear the extent to which DHS will have into the security of the internet, trumping privacy under the cause of national security.  While presidential executive orders are not uncommon, they are frowned upon when they are utilized to legislate outside of congressional process.  In an election year and in following a rash of state-sponsored cyber-warfare, it is difficult not to see a need for a national cybersecurity plan.  I believe as many do that a plan is inevitable and that a necessary system should be in place.