The White House so far has failed to get a bill passed by both houses of Congress to improve the cybersecurity of the nation’s critical infrastructure, so they want to take an alternative approach.
The administration has created a draft executive order detailing how, within its authority, it would improve the information assurance of the nation’s critical infrastructure, such as the power grid and financial industries.
The draft EO includes eight sections, including the requirement to develop a way for industry to submit threat and vulnerability data to the government.
The draft EO, which Federal News Radio viewed a draft copy of, closely follows the second version of comprehensive cyber legislation introduced by Sens. Joseph Lieberman (I-Conn.) and Susan Collins (R-Maine) in July.
The draft order gives agencies several deadlines to meet, either by writing reports or creating and implementing frameworks.
For instance, 90 days after the EO is signed by President Barack Obama, the cybersecurity council — led by the Homeland Security Department secretary — must develop a report to determine which agencies should regulate which parts of the critical infrastructure. The creation of the council is in section 2 of the draft EO.
Under earlier cyber bills, DHS would take the lead in regulation and that concerned some lawmakers and experts. It was a major sticking point in moving forward with a vote on a comprehensive bill.
“An executive order is one of a number of measures we’re considering as we look to implement the President’s direction to do absolutely everything we can to better protect our nation against today’s cyberthreats,” said a National Security Council spokeswoman in an email statement. “We are not going to comment on ongoing internal deliberations.”
Read more here.