Cyber order could help shape later law

U.S. Capitol Dome - Photo by the Architect of the Capitol

The expected cybersecurity executive order should serve as a template for action when Congress once again takes up cybersecurity legislation, according to Capitol Hill insiders speaking at 1105 Government Events’ Oct. 22 cybersecurity conference.

The order will be useful for guidance regardless of any potential post-election power shifts, they said.

(1105 Government Events is part of 1105 Media, the parent company of FCW.)

“There are a lot of moving pieces, but the ground has now been plowed. No matter who’s in leadership position, the awareness has been raised, people are on the record and we have leaders on both sides of the aisle [agreeing] something needs to be done. The rest is just details,” said Clete Johnson, counsel in the office of Sen. Jay Rockefeller (D-W.Va.) and lead staffer on the Senate Select Committee on Intelligence. “Whatever happens in November, I don’t think too much more time is going to pass before we do what we need to do, no matter who the leadership is."

There are limitations on what the executive order can encompass, though, which means that legislation still is critical to national security in cyberspace. An executive order cannot codify, meaning it relies on existing statutes that it cannot alter – a significant issue for information-sharing, which is crucial to cybersecurity action.

“The EO could [address] government-private sector information-sharing; the problem is the limits on what it can do for private-to-private and private-to-government,” particularly with regard to liability concerns, Johnson said. “It would require amending electronic privacy statutes, and an EO can’t do that. It’s a major problem since information-sharing is one of the two cornerstones.”

The other cornerstone is critical infrastructure, which has challenges of its own in an executive order.

“Critical infrastructure is mostly life-or-death-type systems…the difficulty with them is defining which are critical and then [addressing] the ‘ad hocracy’ or ad-hoc approach to them that our government and society bring to securing those systems,” Johnson noted.

“How do you promote best practices, leadership and accountability?” Johnson asked. “The most important thing is how do you allow private-sector market incentives and dynamics to drive a race to the top on cybersecurity, as opposed to [a government-led] top-down approach.”

Another problem is the range of policies and governance employed across the critical infrastructure sector. The patchwork nature of the regulations are presenting a hurdle for the White House, according to Trey Hodgkins, TechAmerica’s senior vice president, global public sector.

“One challenge the White House indicated they’re undertaking is going through the existing authorities for each sector,” said Hodgkins, who has met with stakeholders from the government and private sector regarding the executive order. “Since there aren’t uniformities across the sector, they are attempting to understand existing authorities and what they may or may not be able to do.”

Even after the executive order – if it does indeed become a reality – there will still be an uphill battle on the Hill, where partisan stalemates could threaten action once again.

“It’s very difficult to predict procedurally how [legislation will] go through. We hope something can happen swiftly but at same time…we have to first do no harm. We have to make sure we’re still doing what we think is the right way to move forward. We have to work quickly but smartly,” said Michael Seeds, legislative director for Rep. Mac Thornberry (R-Texas). “This lays the groundwork for the next Congress…we’re hopeful.”

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group