Obama issues cyber security executive order

By on
Obama issues cyber security executive order

Controversial law may be resurrected as result.

US president Barack Obama has issued an executive order that is aimed at protecting the country's infrastructure against so called cyber attacks.

"We know hackers steal people's identities and infiltrate private e-mail," Obama said in his state of union address. 

"We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems.

"We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy," the president warned.

The Improving Criticial Infrastructure Cybersecurity executive order was published yesterday and calls for policy coordination between government agencies as well as greater information sharing but it does not carry the same weight as legislation.

A baseline framework to reduce "cyber risk to critical infrastructure" will be developed by the US National Institute of Standards (NIST). This will include a set of standards, methodologies, procedures and processes as well as yet unspecified technological approaches to address cyber risks, the order sets out.

Although the security standards are voluntary, the order instructs US federal agencies to consider folding them into existing regulations. 

Private companies, however, do not have to take part in the information sharing and coordination.

The White House expects legislation will be introduced for that purpose, through a bill that was originally proposed in 2011 by Republican House Intelligence Committee member Mike Rogers.

Rogers' bill, known as the Cyber Intelligence Sharing and Protection Act (CISPA), was deemed controversial and criticised by civil liberties groups as it expanded government powers to monitor individuals' Internet browsing habits and data without adequate safeguards and checks.

Even so, the US House of Representatives passed the bill last year. At the time, president Obama said he would veto it if it reached his desk.

On Tuesday, the US Chamber of Commerce, the powerful business lobby, reiterated its opposition to "expansion or creation of new regulatory regimes" and called Obama's order unnecessary.

Obama's executive order requires government officials to comply with and routinely assess privacy standards and civil liberties protections.

Many influential lawmakers and industry heavyweights welcomed Obama's move as a step closer to a comprehensive cyber security law that bolsters a partnership between the public and private sectors.

"These activities represent a down payment in the protection of our nation's cyber infrastructure, which Congress will build upon as they develop comprehensive cybersecurity legislation," said Michael Chertoff, former secretary of homeland security under President George W Bush. He called the executive order a "critical step in protecting America."

A trio of Republican senators and leaders in national security — John McCain, Saxby Chambliss and John Thune — said the executive action could not "achieve the balanced approach" that a Congressional law would and pledged to ensure thorough oversight of any action directed by the order.

"The Senate should follow regular order and craft legislation that will have an immediate impact on our nation's cybersecurity without adding or prompting regulations that could discourage innovation and negatively impact our struggling economy," they said in a joint statement. 

-- With Reuters: Alina Selyukh, Joseph Menn in San Francisco; Editing by Marilyn W. Thompson, Eric Beech and Jim Loney

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
In Partnership With

Most Read Articles

Log In

Username / Email:
  |  Forgot your password?