Cybersecurity News

With Congress focusing much of their time on the fiscal cliff, following another failed attempt to pass cybersecurity legislation, the White House may be a step closer to releasing its anticipated cyber executive order.

In a new draft of the order, dated Nov. 21, the White House made several revisions to a previously leaked version, based on recent meetings held with the private sector.

“The National Security Staff has held over 30 meetings with industry, think tanks and privacy groups, meeting directly with over 200 companies and trade organizations representing over 6,000 companies that generate over $7 trillion in economic activity and employ more than 15 million people,” Caitlin Hayden, a spokeswoman for the White House told Politico.

Intending to protect the nation’s critical infrastructure from cyber attacks, the new draft E.O., like the last, calls for the private sector to work with the government, sharing security-related information on a voluntary basis.

But the draft order is already catching criticism for a provision on incentives, which some say could make companies feel obligated to participate in the program.

“The Secretary shall coordinate establishment of a set of incentives designed to promote participation in the Program,” states the draft. “Within 90 days of the date of this order, the Secretary and the Secretaries of Treasury and Commerce each shall make recommendations separately to the President… on what incentives can be provided to owners and operators of critical infrastructure that participate in the Program, under existing law and authorities, and what incentives would require legislation, including analysis of the benefits and relative effectiveness of such incentives.”

One incentive the E.O. mentions is the possibility of “changing the federal procurement process to create preferences for vendors who meet cybersecurity standards.” Though the order notes that creating such an incentive would have to come at the approval of the Secretary of Defense and the Administrator of General Services.

In working to gain other approval, particularly from privacy hawks who claim cybersecurity laws could crack down on civil liberties, the new draft of the E.O. includes a clause to “ensure that privacy and civil liberties protections are incorporated into such activities based upon the Fair Information Practice Principles and other applicable privacy and civil liberties policies, principles and frameworks.”

But until the executive order is issued – which could be days, weeks or months away – stay tuned, as more criticism is sure to come.

____

Following are some additional cyber headlines you may have missed:

FEDERAL NEWS:

Report: Agencies looking at draft WH cyber order (ExecutiveGov)

NSA refuses to declassify Obama’s cybersecurity directive (PressTV)

CyberCity allows government hackers to train for attacks (Washington Post)

US Transcom strives to protect networks against cyber threats (Defense.gov)

As leadership changes, cyber security remains critical issue for Congress (GSN)

INDUSTRY OVERVIEW:

Contractors move to save cybersecurity funding (Politico)

Study may offer insight into Coca-Cola breach (New York Times)

Norton unveils security software for iPhone as hacker fears rise (Yahoo News)

INTERNATIONAL  OUTLOOK:

Philippines to set up cybersecurity operations center (ZDNet)

Google Pakistan defaced by Turkish hacker group (Tribe News)

U.N. atom agency says stolen information on hacker site (Reuters)

EU must bolster its cybersecurity say MEPs (Computer Business Review)

EU to force firms to report hacker attacks, Sueddeutsche reports (Bloomberg)

Singapore’s cybersecurity amendments open questions on compliance (ZDNet)

US ‘launched Flame cyber attack on Sarkozy’s office,’ claims French media (BBC News)

HACKING HIGHLIGHTS:

Hacker claims leak of 1 million US accounts (eSecurity Planet)

Hacker found guilty of massive AT&T-iPad site breach (CNET)

Anonymous hacker behind Stratfor attack faces life in prison (RT)

Anonymous claims it stopped Karl Rove from hacking election (Wonkette)

South Carolina tax chief resigns after taxpayers hit in cyber attack (Reuters)

Call of Duty hacker charged with DDoS attacks on UK Universities (TechWorld)

CYBER INSIGHTS:

Threat landscape: The next trends in cybersecurity (CSO)

Stocks in cybersecurity set to take off, analyst says (CNBC)

Channeling the ‘offensive mind-set’ in cybersecurity (NextGov)

Opinion: Why we need a cyber doctrine now (AOL Government)

Infosec pro Kaspersky calls for more online regulation (Mashable)

Small businesses still underestimate cost of security breaches (ZDNet)

____

This report is also featured on ClearanceJobs.com at: http://www.clearancejobs.com/defense-news/998/cybersecurity-news-round-up-new-draft-of-white-house-cyber-executive-order-surfaces