By Pam Benson
The White House is threatening to veto a House cybersecurity bill unless changes are made to further safeguard privacy and civil liberties, and limit private-sector liability protections.
Last week, the House Intelligence Committee approved and sent to the full House proposed legislation that would enhance data sharing between the government and private industry to help protect computer networks from cyber attacks.
The committee amended the bill after consulting with the White House during its drafting, but the Obama administration is still not satisfied with some of its provisions.
"The administration still seeks additional improvements and if the bill, as currently crafted, were presented to the president, his senior advisers would recommend that he veto" it, the White House budget office said in a statement on Tuesday.
By Pam Benson
The House Intelligence Committee has overwhelmingly passed a new cybersecurity bill that would enhance data sharing between the government and private industry to protect computer networks and intellectual property from cyber attacks.
By a vote of 18-2, the panel on Wednesday approved the Cyber Intelligence Sharing and Protection Act (CISPA).
The measure sets up a voluntary system for companies to share threat information on their networks with the government in exchange for some liability protections.
The bill also allows the government to share intelligence and other cyber threat information with industry.
A similar bill died in the Senate last year after a number of Republicans argued that proposed cybersecurity standards allowed for too much government regulation.
The White House had threatened to veto that bill over privacy concerns.
Department of Homeland Security Secretary Janet Napolitano acknowledged Friday her Luddite-like ways, despite the fact her position puts her in a critical leadership role when it comes to defending the nation's infrastructure from cyberattacks.
Napolitano said she does not use email "at all."
"For a whole host of reasons. So, I don't have any of my own accounts and that, you know, I'm very secure," Napolitano noted at a Washington conference about cyber security.
"Some would call me a Luddite but you know. But that's my own personal choice and I'm very unique in that regard I suspect," Napolitano added.
The Obama administration has been pushing Congress to revisit legislation that would have given DHS authority to enforce security standards. Legislation faltered earlier this year over concerns that it was too intrusive in requiring business to share data about intrusions, rather than it being voluntary.
In the meantime, an executive order is being drafted by the Obama administration that would help clarify security standards, Napolitano said. She said President Barack Obama has not reviewed it yet.
Napolitano said legislation would not dictate to companies how to run their security but rather would be a public-private partnerships to defend critical infrastructure.
By Suzanne Kelly
President Barack Obama is considering whether to issue an executive order to fill a gap in the country's cybersecurity defenses after Congress failed to move forward cybersecurity legislation last week.
Homeland Security adviser John Brennan said failure to pass legislation that would grant the government more authority in heading off cyber intrusions and attacks, has left a gap that the executive branch is working to fill on an interagency basis, using the resources of the Department of Homeland Security, the National Security Agency and the FBI.
"Executive Orders are a good vehicle to actually direct the departments and agencies to do some certain things to make sure that the nation is protected," Brennan said during a question and answer session at the Council on Foreign Relations in Washington. "We can't wait, so we're doing things, DHS in conjunction with NSA, FBI, others are working to make sure that we are able to better safeguard our environment but also be able to respond but also be able to be resilient."
By Jennifer Rizzo
The most comprehensive cybersecurity legislation proposed by Congress, which sponsors say would have helped protect the government and industry from potentially devastating cyberattacks, was voted down in the Senate Thursday.
The Cybersecurity Act of 2012 would have given the government the three legislative elements it needs to fend off cyberattacks, according to John Brennan, assistant to the president for homeland security and counterterrorism. Those are new threat-information-sharing between the government and private industry, better protection of critical infrastructure such as the power grid and water filtration facilities, and authority for the Department of Homeland Security to unite federal resources to lead the government's cybersecurity team.
Sens. Joe Lieberman, I-Connecticut, and Susan Collins, R-Maine, introduced the bill.
"This is a moment of disappointment that I really cannot conceal," Lieberman said after the vote. "But the threat of cyberattack is so real, so urgent and so clearly growing that I am not going to be petulant about this."
By Suzanne Kelly
The White House rolled out its cybersecurity A-team Wednesday for an on-the-record telephone conference, with reporters hearing an appeal for the Senate to pass the Cybersecurity Act of 2012 now being debated on the Senate floor.
John Brennan, assistant to the president for homeland security and counterterrorism, was joined by Keith Alexander, chief of U.S. Cyber Command and head of the National Security Agency, as well as Jane Holl Lute, deputy secretary at the Department of Homeland Security, and Eric Rosenbach, deputy assistant secretary of defense for cyberpolicy.
"The risks to our nation are real and immediate," Brennan said, adding that the White House doesn't see the legislation as a partisan issue, but rather a matter of national security.
By Deirdre Walsh
Ignoring a veto threat from the White House, the House passed legislation Thursday designed to protect communications networks from cyberattacks.
The vote was 248-168.
But even as the House bill moves forward, privacy concerns about granting government agencies access to personal information transmitted on the Internet could prove to be a major obstacle to any new cybersecurity law.
House Intelligence Committee Chairman Mike Rogers, R-Michigan and a former FBI agent, said he spent the last year working on the bill because the national security risk to the United States posed by cyberattacks is one, "we are just not prepared to handle." FULL POST
By Suzanne Kelly
Tom Kean and Lee Hamilton, who co-chaired the 9/11 Commission, weighed in Monday on a simmering disagreement in the Senate over the best way to address the nation's vulnerability to cyberattacks.
The two men, who now run the Bipartisan Policy Center's Homeland Security project, are calling on senators to take more urgent action on the issue of cybersecurity. They cite recent public statements by Director of National Intelligence James Clapper and FBI DIrector Robert Mueller warning that the cyber threat is expected to overshadow other terrorist threats facing the United States in the not-too-distant future.
"Much like the situation before the September 11, 2001, attacks, the federal government is not adequately organized to deal with a significant emerging national security threat," said Kean, former governor of New Jersey; and Hamilton, a former congressman from Indiana, in a letter sent to Senate leaders urging action on cybersecurity.
By Suzanne Kelly
Republican senators are proposing cybersecurity legislation calling for a series of government incentives to make sure that companies comply with security issues.
The bill is meant to counter separate proposed legislation that seeks to designate the Department of Homeland Security as the lead agency for securing the nation's cybersphere infrastructure. FULL POST