Executive order could institute controversial cybersecurity measures

According to published reports, a purported draft executive order circulating in Washington could revive measures from the Cybersecurity Act of 2012, a bipartisan bill that failed in Congress amid partisan discord.

The draft order is said to still be undergoing revisions, but likely will involve the institution of a voluntary program for private companies operating critical infrastructure to cooperate with government-instituted standards and best practices, The Hill reported. The program would be led by the Homeland Security Department and include the Commerce and Defense departments, as well as others still being determined. While DHS would manage the program, the National Institute of Standards and Technology would work with industry in crafting the framework. 

If the idea sounds familiar, it’s because it was part of the failed cybersecurity bill spearheaded by Sen. Joe Lieberman (I-Conn.). It was also a chief concern of opponents to the bill who felt the measure would lead to the government effectively controlling private networks.

White House officials have declined to comment on any specific executive cybersecurity order that is being considered, but a spokesperson did say an order is one of several options being considered. Language in the Democratic Party platform released earlier this week also suggested the possibility.

“President Obama has supported comprehensive cybersecurity legislation that would help business and government protect against risks of cyber attacks while also safeguarding the privacy rights of our citizens,” the platform stated. “And, going forward, the president will continue to take executive action to strengthen and update our cyber defenses.”

Reports say that the draft order could be circulated to federal agencies as soon as next week, but at least one source familiar with the issue isn’t so certain.

Trey Hodgkins, TechAmerica senior vice president of global public sector government affairs, said the draft order being reported on is actually a “stale version of an update to [Homeland Security Presidential Directive 7]…that didn’t encompass all the challenges they would likely want to cover in an executive order.”

Some champions of failed cybersecurity legislation, including Sens. Jay Rockefeller (D-W.V.) and Dianne Feinstein (D-Calif.), have been vocal in their support for an executive order, writing letters to the Obama administration encouraging cybersecurity action. Richard Clarke, former presidential adviser on cybersecurity, last month wrote a blog on the Huffington Post website urging President Obama to take executive action.

“The president could let the Congressional farce continue on the issue of cyber security, with resulting inaction,” Clarke wrote. But such a lack of action “would be inconsistent with his Constitutional duty to protect the nation from significant threats. He should issue an executive order to improve our cyber defenses now.”

But others who are opposed to the bill are already sounding the alarm.

“Businesses need to speak up and let the White House and Congress know that they do not support unilateral cybersecurity requirements (even if they are couched as “voluntary”) via an Executive Order, because the issue goes to the very core of their business operations and has the potential to be extremely burdensome and costly,” Jody Westby, CEO of Global Cyber Risk, wrote in a Sept. 7 Forbes op-ed. “This kind of heavy-handed tactic satisfies a few but hurts the constituents…because it circumvents one of the most important functions of our government — the legislative process.”

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Shutterstock image: looking for code.

    How DOD embraced bug bounties -- and how your agency can, too

    Hack the Pentagon proved to Defense Department officials that outside hackers can be assets, not adversaries.

  • Shutterstock image: cyber defense.

    Why PPD-41 is evolutionary, not revolutionary

    Government cybersecurity officials say the presidential policy directive codifies cyber incident response protocols but doesn't radically change what's been in practice in recent years.

  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

Reader comments

Mon, Sep 10, 2012 Southeast

Before a certain Department, around the home, is asked to secure commercial networks, they should secure their own first. It is not even v6 compliant yet so how can they secure something they have no experience with?

Mon, Sep 10, 2012 Marbran

We did not elect a king in 2008. This rule by executive order must stop.

Sat, Sep 8, 2012 Cogito ergo sum

What is the point of the Constitution and Congress if the president can just bypass them and write/nullify whatever laws he feels like? Bush and Obama both have stretched the executive branch far beyond its original intended powers. This is tyranny, pure and simple. Obama needs to be impeached.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group