A White House executive order on cyber security is “close to completion,” according to Janet Napolitano, US Secretary of Homeland Security.
The news comes just weeks after former White House cyber security chief Howard Schmidt said US President Barack Obama should strongly consider issuing an executive order to help secure computer networks from attack.
The advice was in response to the fact that a Senate cyber security bill remains bogged down in Congress, where Republicans argue it could establish a burdensome government regulatory system for private companies’ networks.
Schmidt, who served in both the Obama and George W. Bush administrations, said that an executive order could help update government network security as well as encourage businesses to secure their own systems. “If there are things this Congress isn’t prepared to do, the President has a few options that he can move on,” he said.
The White House pushed Congress to give federal authorities the power to enforce mandatory, and later voluntary, standards, but Congress was unable to move forward with a bill. Now, the White House is considering an executive order.
The draft order is being reviewed at the "highest levels" and some issues still need to be ironed out, Napolitano said, according to US reports.
President Obama has yet to review it the draft order, the reports said, but if he decides to move forward, an executive order would likely establish a system of voluntary standards to be followed by certain critical companies, such as those that control chemical plants or power grids.
“As much as we are doing, we must do even more,” Napolitano said in testimony to the Senate Committee on Homeland Security.
“All sides agree that federal and private networks must be better protected, and information about cyber security threats must be shared more easily while ensuring that privacy and civil liberties are protected through a customised framework of information-handling policies and oversight,” she said.
However, Napolitano believes that even a “robust” executive order cannot enact all of the needed reforms and that legislation will be required to resolve limitations on Department of Homeland Security hiring of cyber security experts; to give companies more liability protections to encourage cyber security; and to increase criminal penalties for cyber crimes.
FBI Director Robert Mueller has outlined a range of ways that hackers are threatening US networks. In written testimony, he said: “With these diverse threats, we anticipate that cyber security may well become our highest priority in the years to come. Computer intrusions and network attacks are the greatest cyber threat to our national security.”