White House threatens cybersecurity veto
By Pam Benson
The White House is threatening to veto a House cybersecurity bill unless changes are made to further safeguard privacy and civil liberties, and limit private-sector liability protections.
Last week, the House Intelligence Committee approved and sent to the full House proposed legislation that would enhance data sharing between the government and private industry to help protect computer networks from cyber attacks.
The committee amended the bill after consulting with the White House during its drafting, but the Obama administration is still not satisfied with some of its provisions.
"The administration still seeks additional improvements and if the bill, as currently crafted, were presented to the president, his senior advisers would recommend that he veto" it, the White House budget office said in a statement on Tuesday.
New cybersecurity bill clears House committee
By Pam Benson
The House Intelligence Committee has overwhelmingly passed a new cybersecurity bill that would enhance data sharing between the government and private industry to protect computer networks and intellectual property from cyber attacks.
By a vote of 18-2, the panel on Wednesday approved the Cyber Intelligence Sharing and Protection Act (CISPA).
The measure sets up a voluntary system for companies to share threat information on their networks with the government in exchange for some liability protections.
The bill also allows the government to share intelligence and other cyber threat information with industry.
A similar bill died in the Senate last year after a number of Republicans argued that proposed cybersecurity standards allowed for too much government regulation.
The White House had threatened to veto that bill over privacy concerns.
FULL POST
The Luddite atop U.S. cybersecurity
Department of Homeland Security Secretary Janet Napolitano acknowledged Friday her Luddite-like ways, despite the fact her position puts her in a critical leadership role when it comes to defending the nation's infrastructure from cyberattacks.
Napolitano said she does not use email "at all."
"For a whole host of reasons. So, I don't have any of my own accounts and that, you know, I'm very secure," Napolitano noted at a Washington conference about cyber security.
"Some would call me a Luddite but you know. But that's my own personal choice and I'm very unique in that regard I suspect," Napolitano added.
The Obama administration has been pushing Congress to revisit legislation that would have given DHS authority to enforce security standards. Legislation faltered earlier this year over concerns that it was too intrusive in requiring business to share data about intrusions, rather than it being voluntary.
In the meantime, an executive order is being drafted by the Obama administration that would help clarify security standards, Napolitano said. She said President Barack Obama has not reviewed it yet.
Napolitano said legislation would not dictate to companies how to run their security but rather would be a public-private partnerships to defend critical infrastructure.
Executives advocate a military approach to cybersecurity
By Suzanne Kelly
CNN Intelligence Correspondent
A new study being released by a private Internet security company highlights cyberworld weaknesses when it comes to gathering intelligence on hackers and suggests that businesses take a more military-minded approach to defense.
The cybersecurity company CounterTack polled 100 information security executives at companies with revenues greater than $100 million. Nearly half of the respondents said their organization had been the victim of a targeted cyberattack within the past year.
Some 80% of those polled believe that taking a more military-minded approach to the cyberwar could benefit business, according to CounterTack CEO Neal Creighton, whose firm released the poll Monday. For Creighton, that means incorporating more military-style intelligence gathering into companies' cyberworld defenses. FULL POST
President mulling executive order to fill cybersecurity gap
By Suzanne Kelly
President Barack Obama is considering whether to issue an executive order to fill a gap in the country's cybersecurity defenses after Congress failed to move forward cybersecurity legislation last week.
Homeland Security adviser John Brennan said failure to pass legislation that would grant the government more authority in heading off cyber intrusions and attacks, has left a gap that the executive branch is working to fill on an interagency basis, using the resources of the Department of Homeland Security, the National Security Agency and the FBI.
"Executive Orders are a good vehicle to actually direct the departments and agencies to do some certain things to make sure that the nation is protected," Brennan said during a question and answer session at the Council on Foreign Relations in Washington. "We can't wait, so we're doing things, DHS in conjunction with NSA, FBI, others are working to make sure that we are able to better safeguard our environment but also be able to respond but also be able to be resilient."
Cybersecurity bill fails in Senate
By Jennifer Rizzo
The most comprehensive cybersecurity legislation proposed by Congress, which sponsors say would have helped protect the government and industry from potentially devastating cyberattacks, was voted down in the Senate Thursday.
The Cybersecurity Act of 2012 would have given the government the three legislative elements it needs to fend off cyberattacks, according to John Brennan, assistant to the president for homeland security and counterterrorism. Those are new threat-information-sharing between the government and private industry, better protection of critical infrastructure such as the power grid and water filtration facilities, and authority for the Department of Homeland Security to unite federal resources to lead the government's cybersecurity team.
Sens. Joe Lieberman, I-Connecticut, and Susan Collins, R-Maine, introduced the bill.
"This is a moment of disappointment that I really cannot conceal," Lieberman said after the vote. "But the threat of cyberattack is so real, so urgent and so clearly growing that I am not going to be petulant about this."
FULL POST
Administration's computer safety A-team urges passage of Cybersecurity Act
By Suzanne Kelly
The White House rolled out its cybersecurity A-team Wednesday for an on-the-record telephone conference, with reporters hearing an appeal for the Senate to pass the Cybersecurity Act of 2012 now being debated on the Senate floor.
John Brennan, assistant to the president for homeland security and counterterrorism, was joined by Keith Alexander, chief of U.S. Cyber Command and head of the National Security Agency, as well as Jane Holl Lute, deputy secretary at the Department of Homeland Security, and Eric Rosenbach, deputy assistant secretary of defense for cyberpolicy.
"The risks to our nation are real and immediate," Brennan said, adding that the White House doesn't see the legislation as a partisan issue, but rather a matter of national security.
Cybersecurity bill passes despite concerns about personal data protection
By Deirdre Walsh
Ignoring a veto threat from the White House, the House passed legislation Thursday designed to protect communications networks from cyberattacks.
The vote was 248-168.
But even as the House bill moves forward, privacy concerns about granting government agencies access to personal information transmitted on the Internet could prove to be a major obstacle to any new cybersecurity law.
House Intelligence Committee Chairman Mike Rogers, R-Michigan and a former FBI agent, said he spent the last year working on the bill because the national security risk to the United States posed by cyberattacks is one, "we are just not prepared to handle." FULL POST
9/11 Commission co-chairs prod senators for cybersecurity action
By Suzanne Kelly
Tom Kean and Lee Hamilton, who co-chaired the 9/11 Commission, weighed in Monday on a simmering disagreement in the Senate over the best way to address the nation's vulnerability to cyberattacks.
The two men, who now run the Bipartisan Policy Center's Homeland Security project, are calling on senators to take more urgent action on the issue of cybersecurity. They cite recent public statements by Director of National Intelligence James Clapper and FBI DIrector Robert Mueller warning that the cyber threat is expected to overshadow other terrorist threats facing the United States in the not-too-distant future.
"Much like the situation before the September 11, 2001, attacks, the federal government is not adequately organized to deal with a significant emerging national security threat," said Kean, former governor of New Jersey; and Hamilton, a former congressman from Indiana, in a letter sent to Senate leaders urging action on cybersecurity.
Senators compete for vision of cybersecurity
By Suzanne Kelly
Republican senators are proposing cybersecurity legislation calling for a series of government incentives to make sure that companies comply with security issues.
The bill is meant to counter separate proposed legislation that seeks to designate the Department of Homeland Security as the lead agency for securing the nation's cybersphere infrastructure. FULL POST
@natlsecuritycnn on Twitter
