The White House may move to issue its long-anticipated executive order on cybersecurity this week, according to sources familiar with the plan.
The executive order, which the Obama administration has reportedly been revising for over six months, could be made public following the president’s State of the Union address on Tuesday night, sources told Bloomberg.
If issued, according to a recent leaked draft, the executive order would set voluntary cybersecurity standards for private sector entities controlling U.S. critical infrastructure, including a program for those companies to disclose cyber threat information to the federal government.
Companies that opt-in to the voluntary program could be eligible for incentives, such as advantages in the federal procurement process, according to one draft of the E.O.
But an executive order would not rule out the need for Congress to pass legislation to further strengthen the nation’s cybersecurity efforts, advised Andy Ozment, a senior director for cybersecurity at the White House.
“I think it’s worth highlighting that an executive order is not magical. It doesn’t create new power or authorities for any government agency,” Ozment said, according to The Hill. “Instead, it’s an expression of the president’s strategic intent.”
“It’s, again, critical to highlight that this is not a substitute for legislation,” he added. “We need comprehensive cybersecurity legislation. We cannot do everything under our existing authorities.”
While Ozment may have been alluding to the Senate Democrats’ recently introduced Cybersecurity and American Cyber Competitiveness Act of 2013 as the “comprehensive” legislation needed, another cyber bill could soon be on its way.
According to Politico, House Intelligence Committee Chairman Mike Rogers (R-Mich.) vowed Sunday to reintroduce his Cyber Intelligence Sharing and Protection Act (CISPA), which passed the House last April but failed to be taken up by the Senate over the summer.
CISPA, which previously aimed to give the government the authority to share classified information with the private sector, faced backlash from critics who claimed the bill would violate privacy rights of citizens.
Rogers, who has reportedly been working alongside co-sponsor Rep. Dutch Ruppersberger (D-Md.) to rid the bill of its privacy issues, said CISPA could be reintroduced “as early as this week.”
If both accounts prove to be true, stay tuned. It’s going to be a busy week for cybersecurity.
____
Michelle Kincaid is a DC-based public affairs professional specializing in technology policy. She is also creator of the blog CybersecurityNews.org. Follow her on Twitter at @OnCybersecurity.
