Does Obama need to step in to protect power grids from cyberattack?
Congress appears gridlocked on a cybersecurity bill to protect power grids and other critical infrastructure, so President Obama is considering an executive order.
(Page 2 of 2)
"One thing an executive order would help with is giving DHS the ability to really protect federal networks," says Andrew Cutts, former cybersecurity policy director at DHS. "It has some authority, but needs more."Skip to next paragraph
Subscribe Today to the Monitor
Still, problems remain – like how legally to go about sharing detailed classified information more broadly among companies.
"The bigger problem is how to protect critical infrastructure outside the federal government," says Mr. Cutts. "It's possible the president could require government agencies to draft a set of voluntary cyberstandards for critical infrastructure owners and operators to follow."
Under the bill in the Senate, operators of natural-gas pipelines, refineries, water-supply systems, and other vital assets would voluntarily submit their computer networks to testing by the DHS. In return, they would get protection from financial liability.
But an executive order would not be able to grant liability exemption, so it could be difficult for DHS to persuade private computer networks – which control 85 percent of the nation's critical infrastructure – to cooperate. The National Security Agency and Pentagon – two federal entities with cutting edge cyber expertise – also have no direct legal authority directly to protect those private networks.
Yet senators say something needs to be done.
"I believe the time has come for you to use your full authority to protect the U.S. economy and the networks we depend on from future cyber attack," said Sen. Dianne Feinstein (D) of California in a letter to Mr. Obama Tuesday. "While an Executive Order cannot convey protection from liability that private sector companies may face, your Administration can issue cybersecurity standards and provide technical assistance to companies willing to take voluntary steps to improve their security."
There are signs that the senators' advice is falling on receptive ears.
"One of the things that we need to do in the executive branch is to see what we can do to maybe put additional guidelines and policies in place under executive-branch authority," John Brennan, the president's to counterterrorism adviser, said in remarks to the Council on Foreign Relations on Aug. 8.
"I mean if the Congress is not going to act ... then the president wants to make sure that we are doing everything possible," he said.