CIO ? WASHINGTON -- Now that the latest effort to advance comprehensive cybersecurity legislation has failed in Congress, attention is now shifting to the White House, where officials have been developing an executive order to better protect the nation's critical infrastructure from digital attacks and vulnerabilities.Earlier this week, the Washington Post reported that President Obama had signed a secret policy directive outlining new protocols for federal agencies in dealing with cyberthreats and providing new authorities for the military "to act more aggressively to thwart cyberattacks on the nation's web of government and private computer networks."
--Senate Majority Leader Harry Reid (D-Nev.)
That revelation came as Senate Republicans on Wednesday defeated a procedural measure that would have advanced the Cybersecurity Act backed by Sens. Joe Lieberman (I-Conn.) and Susan Collins (R-Maine), objecting that the Democratic majority was trying to push the bill through without sufficient debate and by limiting the number of amendments that members could introduce.
At the very least, that will move the debate over cybersecurity legislation into next year, and likely into the new session of Congress, with the primary fault lines in the debate -- whether the government should impose cybersecurity mandates on private-sector infrastructure operators; whether the military or Department of Homeland Security should take the lead in civilian cybersecurity -- expected to resurface, while the White House could still move ahead with a more expansive executive order that the policy directive Obama reportedly signed in October.
Cybersecurity Out of Congress' Hands (for Now)
Following Wednesday's vote, Senate Majority Leader Harry Reid (D-Nev.) indicated that comprehensive cybersecurity reform is effectively off the table for this Congress, and called on the White House to move ahead with its executive order to address the issue.
"Given Republican intransigence, I hope President Obama uses all the authority of the executive branch at his disposal to fully protect our nation from the cybersecurity threat," Reid said.
But then on Thursday, Senate Minority Leader Mitch McConnell (Ky.) said he is hopeful that the chamber can return to cybersecurity in January with a more inclusive debate.
"The majority leader had made prior commitments to allowing a free and open debate on cybersecurity, a matter that Republicans acknowledge must be addressed especially in the areas of information sharing, and providing some degree of liability protection to those companies that do share cyberthreat information with one another and the federal government," McConnell said Thursday on the Senate floor, calling for consideration of an alternative -- and much more limited -- cybersecurity bill backed by several leading Republicans to be included in any debate of the more comprehensive Lieberman-Collins measure.