New Draft of White House Cyber Executive Order Surfaces
With Congress focusing much of their time on the fiscal cliff, following another failed attempt to pass cybersecurity legislation, the White House may be a step closer to releasing its anticipated cyber executive order.
“The National Security Staff has held over 30 meetings with industry, think tanks and privacy groups, meeting directly with over 200 companies and trade organizations representing over 6,000 companies that generate over $7 trillion in economic activity and employ more than 15 million people,” Caitlin Hayden, a spokeswoman for the White House told Politico.
Intending to protect the nation’s critical infrastructure from cyber attacks, the new draft E.O., like the last, calls for the private sector to work with the government, sharing security-related information on a voluntary basis.
But the draft order is already catching criticism for a provision on incentives, which some say could make companies feel obligated to participate in the program.
“The Secretary shall coordinate establishment of a set of incentives designed to promote participation in the Program,” states the draft. “Within 90 days of the date of this order, the Secretary and the Secretaries of Treasury and Commerce each shall make recommendations separately to the President… on what incentives can be provided to owners and operators of critical infrastructure that participate in the Program, under existing law and authorities, and what incentives would require legislation, including analysis of the benefits and relative effectiveness of such incentives.”
One incentive the E.O. mentions is the possibility of “changing the federal procurement process to create preferences for vendors who meet cybersecurity standards.” Though the order notes that creating such an incentive would have to come at the approval of the Secretary of Defense and the Administrator of General Services.
In working to gain other approval, particularly from privacy hawks who claim cybersecurity laws could crack down on civil liberties, the new draft of the E.O. includes a clause to “ensure that privacy and civil liberties protections are incorporated into such activities based upon the Fair Information Practice Principles and other applicable privacy and civil liberties policies, principles and frameworks.”
But until the executive order is issued – which could be days, weeks or months away – stay tuned, as more criticism is sure to come.
Following are some additional cyber headlines you may have missed:
Report: Agencies looking at draft WH cyber order (ExecutiveGov)
CyberCity allows government hackers to train for attacks (Washington Post)
Study may offer insight into Coca-Cola breach (New York Times)
Google Pakistan defaced by Turkish hacker group (Tribe News)
EU must bolster its cybersecurity say MEPs (Computer Business Review)
Hacker claims leak of 1 million US accounts (eSecurity Planet)
Opinion: Why we need a cyber doctrine now (AOL Government)
This report is also featured on ClearanceJobs.com at: http://www.clearancejobs.com/defense-news/998/cybersecurity-news-round-up-new-draft-of-white-house-cyber-executive-order-surfaces