Do you ever get the feeling that at some point in the morning you should be hearing the Sonny and Cher tune “i’ve Got You Babe” and that you are in Ground hog Day. That we are reliving the same thing over and over again. Well we are again…
We all probably remember the heated debate around the Cybersecurity Act of 2012. Whether political or a security practitioner, everyone had an opinion on one side or another. Well, we will soon begin the debate again, but this tim it will not be in response to a Congressional proposal, but rather an Executive Order (EO). Friday a leaked draft of the EO posted to the techdirt.com website.
According to the proposed draft, the EO is meant to revise the federal architecture for enhanced protection of the critical infrastructure and information sharing or “information exchange framework.” The EO also places the Department of Homeland Security (DHS) as an oversight role for making and implementing the changes. What is not completely understood is the full nature of what is considered “critical infrastructure” and how commercial business will act with regards to another set of US regulatory impacts to their bottom line.
Many in the political scene and in the security industry have been vocal about the need for a defined framework beyond/improving the existing FISMA regulations adhered to by federal agencies. However, there are not as many that would agree that DHS is the federal entity to oversee the implementation. There is even more of a divide when you start discussing how this framework should be applied to private industry.
A recent SC Magazine article quoted concerns from several Republicans about the current EO based on a letter written by John Brennan, the national security advisor to the president. According to the article:
A letter released on Friday written by John Brennan, national security adviser to the president, written to Sen. Jay Rockefeller, chairman of the Senate Commerce Committee, confirms that the White House is working on the order.
“Following congressional inaction, the president is determined to use existing executive branch authorities to protect our nation against cyber threats,” Brennan wrote.
In a recent sponsored Washington Post editorial, Senators John McCain (R-Ariz.), Kay Bailey Hutchinson (R-Texas), and Saxby Chambliss (R-Ga.) blasted the idea of an executive order.
“Unilateral action in the form of government mandates on the private sector creates an adversarial relationship instead of a cooperative one,” the senators wrote.
This is interesting the impact this will have with regards to the impending elections and how security community at large will view this potential mandate. This will definitely (re)develop in the coming weeks…and remember “its going to be a cold one out there…”