President Barack Obama gestures while giving his State of the Union address during a joint session of Congress on Capitol Hill in Washington, Tuesday Feb. 12, 2013. (Pablo Martinez Monsivais/AP)
President Obama bypassed the Congress on Tuesday and signed the much maligned but anticipated cybersecurity executive order.
He made the announcement during the State of the Union address, stating:
'We know hackers steal people’s identities and infiltrate private email. We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems,' Obama said during his speech. 'We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.'
'That’s why, earlier today, I signed a new executive order that will strengthen our cyber defenses by increasing information sharing, and developing standards to protect our national security, our jobs, and our privacy,' Obama continued. 'Now, Congress must act as well, by passing legislation to give our government a greater capacity to secure our networks and deter attacks.'
The privacy-killing cybersecurity legislation CISPA has failed to pass in the Senate in two votes last year which Obama called the "height of irresponsibility."
As usual, the executive action was "urgent" and "for our safety". Yet, we already know that the government has already been using the powers vested in the Cyber Intelligence Sharing and Protection Act through the secret Presidential Directive 20 and warrantless cooperation with private communications companies who may act with impunity.
The lengthy executive order does not give federal agencies "new authority", rather it just spells out more or less who's in charge -- which is the Department of Homeland Security of course:
The cyber order gives the Department of Homeland Security (DHS) a lead role in establishing a voluntary program that encourages critical infrastructure operators to adopt the NIST and industry-developed cybersecurity framework, which is aimed at beefing up the security of their computer systems and networks. DHS will work with agencies, such as the Department of Energy, and industry councils to implement the cybersecurity best practices laid out in the framework, as well as identify possible ways to entice companies to join the voluntary program. (Source: The Hill)
Hereis the entire Executive Order called Improving Critical Infrastructure Cybersecurity:
