The Freeland File
Aerospace & Defense
Global Market Data
Lucy P. Marcus
David Cay Johnston
The Great Debate
Jack & Suzy Welch
Macro & Markets
Lipper Awards 2012
Personal Finance Video
UPDATE 6-In New York, defiant Ahmadinejad says Israel will be 'eliminated'
24 Sep 2012
Japan fires water cannon to turn away Taiwan boats
Obama offers himself up as 'eye candy' on 'The View'
24 Sep 2012
China carrier a show of force as Japan tension festers
In New York, defiant Ahmadinejad says Israel will be "eliminated"
24 Sep 2012
New video shows Romney saying Palestinians don’t want peace
Egypt Salafi urges U.N. to criminalize contempt of Islam
Romney paid $1.9 million in taxes in 2011: campaign
Our day's top images, in-depth photo essays and offbeat slices of life. See the best of Reuters photography. See more | Photo caption
A look inside China's Communist leadership academy. Slideshow
Protests break out over disputed islands in the East China Sea. Slideshow
White House said to plan executive order on cybersecurity
Breach of security at 'Fort Knox' of uranium sets off alarms
Wed, Sep 12 2012
Analysis & Opinion
India in depth: Twin deficits joined at the hip
New U.S. FinCEN director must bolster agency under pressure over Iran sanctions, money laundering
A journalist checks the U.S. Senate's website in Washington, D.C. June 13, 2011, after it was hacked over the weekend.
Credit: Reuters/Stelios Varias
By Joseph Menn
SAN FRANCISCO |
Mon Sep 24, 2012 10:16pm EDT
SAN FRANCISCO (Reuters) - The White House is preparing to direct federal agencies to develop voluntary cybersecurity guidelines for owners of power, water and other critical infrastructure facilities, according to people who said they had seen recent drafts of an executive order.
The prospective order would give the agencies 90 days to propose new regulations and create a new cybersecurity council at the Department of Homeland Security with representatives from the Defense Department, Justice Department, Director of National Intelligence and the Department of Commerce, a former government cyber-security official told Reuters.
"It tells those who have the ability to regulate to go forth and do so," said the person, who is currently outside the government and spoke on condition of anonymity in order to preserve access to government officials.
The draft executive order includes elements of what had been the leading cybersecurity overhaul bill in the Senate, which was defeated this summer amid opposition from industries opposed to increased regulation.
Senate Homeland Security Committee Chairman Joe Lieberman, an independent and one of the principal authors of that bill, on Monday urged the White House to issue such an order.
"The Department of Homeland Security has clear authority, if directed by you, to conduct risk assessments of critical infrastructure, identify those systems or assets that are most vulnerable to cyber attack and issue voluntary standards for those critical systems or assets to maintain adequate cybersecurity," Lieberman wrote to President Barack Obama.
The document has been circulating among the agencies and might go to top officials for their comments as soon as this week, another person involved in the process said.
A spokeswoman for the administration's National Security Council, Caitlin Hayden, confirmed that an order was being considered but would not provide details. "We're not commenting on the elements," Hayden said.
Former White House cybersecurity policy coordinator Howard Schmidt said the proposed order would also ask DHS to confer with independent agencies, such as electric regulators and others that don't answer to the president, to see who would take responsibility on cybersecurity.
The hope, said Schmidt, who has seen a recent draft, is that if those agencies won't let DHS act they would do it themselves, as the Securities and Exchange Commission did in October when it issued guidance on when companies should disclose cyber attacks.
The Commerce Department and the Pentagon declined to comment. Spokespeople for Lieberman and for Senator John Rockefeller, another Democratic leader on the issue who has asked for an executive order, said their offices had not been given copies of the draft.
Cybersecurity has become a major issue in Congress and for the White House, with intelligence officials warning of constant exploration of protected computer systems by hackers and both past incursions and the likelihood of more damaging future attacks on electric plants, banks and stock exchanges.
As of two weeks ago, the planned order did not include any penalties for companies that fail to adhere to the standards. or rewards for those who do. "There are no carrots or sticks," one person with a recent copy said.
If the order emerges before the election in November, it could become an issue in the campaign. Leading Republicans faulted the Lieberman bill as too onerous. The U.S. Chamber of Commerce, which also criticized that bill, declined to comment on Monday on the merits of a prospective order.
But Lieberman said his bill had been watered down in pursuit of a compromise and asked in his letter Monday that Obama explore means for making the standards mandatory.
Both Lieberman and administration officials have said they will still seek legislation, which could go further in many ways. It might, for example, provide liability protection for companies that share information with government officials or that meet the standards but still get hacked.
(Reporting by Joseph Menn in San Francisco; editing by Todd Eastham)
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Back to top
New York Legal
Support & Contact
Connect with Reuters
Our Flagship financial information platform incorporating Reuters Insider
An ultra-low latency infrastructure for electronic trading and data distribution
A connected approach to governance, risk and compliance
Our next generation legal research platform
Our global tax workstation
About Thomson Reuters
Thomson Reuters is the world's largest international multimedia news agency, providing investing news, world news, business news, technology news, headline news, small business news, news alerts, personal finance, stock market, and mutual funds information available on Reuters.com, video, mobile, and interactive television platforms. Thomson Reuters journalists are subject to an Editorial Handbook which requires fair presentation and disclosure of relevant interests.
NYSE and AMEX quotes delayed by at least 20 minutes. Nasdaq delayed by at least 15 minutes. For a complete list of exchanges and delays, please click here.