- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
CSO - President Obama's draft of an Executive Order (EO) to implement some of the provisions of the 2012 Cyber Security Act (CSA), which failed in the U.S. Senate earlier this month, has reignited the debate over government's role in cybersecurity.
Multiple reports said one of the key elements of the draft is that it will establish a cybersecurity council chaired by the Department of Homeland Security (DHS), which will develop a report to determine which agencies should regulate which parts of the nation's "critical infrastructure."
Other provisions are that it would require government information sharing about threats, create voluntary standards for critical infrastructure industries, strengthen oversight of cybersecurity by regulatory agencies, and use federal procurement as a means of pressuring companies to improve security.
On one side of the debate are advocates of the impending EO, including Sens. Dianne Feinstein (D-Calif.) and Jay Rockefeller (D-WVa.), who each wrote letters to President Obama recently, urging him to issue an EO, saying securing the nation's vital infrastructure from cyberattack is too important to wait for action from a gridlocked Congress.
On the other side are business and civil liberties groups who contend that the president is wrong to circumvent Congress, that the order will be too costly, too heavy handed, ineffective and is not even necessary, since the private sector is finally addressing cybersecurity aggressively on its own.
There is a range of opinion within the security community as well, on the following major issues raised by critics:
The president should not circumvent Congress on a matter of this importance:
Some, like Kurt Nimmo, writing on Infowars.com, contend that,"Obama plans to violate the Constitution again."
Jacob Olcott, principal at Good Harbor Consulting, considers that a vast overstatement. "The executive branch creates policy every day without congressional input," he said. "They adopt executive orders all the time. It's not a constitutional crisis -- it's the way our government works."
Others fall somewhere between those views. Randy Sabett, an attorney with ZwillGen and a specialist in information security, doesn't consider it a constitutional issue, but said, "the legislative process is there for a reason. The more this (EOs) happens, the more problematic it becomes because you don't have input from all sources, which is the basis of our government."
Sabett said legislation can be a, "long, painful, deliberative process," but that it is meant to include all views and voices. "With an executive order, you end up shutting out those voices," he said.
Jody Westby, CEO of Global Cyber Risk and an attorney, writing in Forbes magazine, expressed similar concern. "Wow. If Democratic Senators cannot get a bill passed in the legislative chamber that they control, they will see if the executive branch can do their work for them," she wrote. "Gee, that even saves them having to wrangle through a conference with the House."