Skip Navigation

Close and don't show again.

Your browser is out of date.

You may not get the full experience here on National Journal.

Please upgrade your browser to any of the following supported browsers:

White House Agrees to Let Congress Codify some Cybersecurity Policies White House Agrees to Let Congress Codify some Cybersecurity Policies

This ad will end in seconds
 
Close X

Not a member? Learn More »

Forget Your Password?

Don't have an account? Register »

Reveal Navigation
 

 

Tech / TECHNOLOGY

White House Agrees to Let Congress Codify some Cybersecurity Policies

June 23, 2011

Nextgov.com is part of the National Journal Group Inc. and the Atlantic Media Company. It is a spin off of GovernmentExecutive.com and provides coverage and commentary on the management of information technology in the federal government. From time to time, Nextgov and GovernmentExecutive.com will share content and collaborate on features and events.

Obama administration officials say they will let Congress make permanent in statute some cybersecurity policies the White House initially had wanted the executive branch to authorize, to more quickly implement the law.

The White House in May distributed to lawmakers 52 pages of text for consideration as part of a wide-ranging network protection bill that would empower agencies to promulgate various rules -- a process that often involves cost-benefit analyses, White House reviews, and public comment periods.

For instance, Homeland Security Department officials this week said they expect that under their proposal, Internet service providers eventually will be deemed "critical infrastructure" operators subject to greater government oversight -- pending a rulemaking. Critical infrastructure systems are regarded as so vital to American life and property that network disruption would be cataclysmic.

 

"At the end of the day, I do think that the ISPs -- being critical to connectivity for a wide range of entities and therefore likely to cause cascading effects if there is an outage within their infrastructure -- would likely fall within critical, but there would be a [rule-making] process in order to get to that," Greg Schaffer, DHS acting deputy undersecretary for the National Protection and Programs Directorate, said at a Senate Judiciary subcommittee hearing on Tuesday afternoon.

Sen. Sheldon Whitehouse, D-R.I., chairman of the Crime and Terrorism subcommittee, said this delay is one of many in the administration's agenda that bother him.

"We don't even get around to defining who the participants are in the protection of our critical infrastructure for some considerable time and some considerable effort in administrative rulemaking," he said. "I'm worried about the extent of the threat that we're facing right now, and the time that it will take to work though some of the administrative procedures that are built into the administration's proposal."

Other White House proposals that would use the regulatory process include descriptions of notifications that businesses must issue to regulators, customers, and the media in the event of data breaches.

In addition, DHS, through a rulemaking, would create a methodology for companies to use to identify and mitigate security risks to critical infrastructure. The department also would go through the regulatory motions to establish a means of evaluating those improvement plans.

James A. Baker, associate deputy attorney general, said of the proposed regulatory work, "Wherever we can move them into statute, that would be fine as long as we maintain the flexibility that we need to deal with the evolving threat."

Throughout history, administrations and lawmakers have disagreed with how to put laws into action, as they check each other's powers. The implementation of the health care overhaul is an example of this battle.

But even with backing from the executive branch, Whitehouse recalled spending about three years working with the Drug Enforcement Administration to lift a ban on prescribing pharmaceuticals electronically.

"I had the support of the department of Health and Human Services and ultimately of the attorney general... so when that's the pace of something that the government agrees with, it makes me concerned about the prospect of delay" in protecting the country's networks, he said.

LIKE THIS STORY? Sign up for Tech Edge

Sign up for our daily newsletter and stay on top of tech coverage.

Sign up form for Tech Edge
Job Board
Search Jobs
Biomedical Service Internship Position
American Society of Civil Engineers | Flint, MI
Fire Sprinkler Inspector
American Society of Civil Engineers | Charlotte, NC
Professional Development Program Engineer
American Society of Civil Engineers | Farmington Hills, MI
Deputy Director of Transit Operations
American Society of Civil Engineers | San Jose, CA
Transportation Planner
American Society of Civil Engineers | Salinas, CA
Assistant Professor - Water Resources/Ecological Engineering
American Society of Civil Engineers | Auburn, AL
Product Manager - Chemical Development and Supply - Tulsa, OK
American Society of Civil Engineers | Tulsa, OK
Commissioning Intern
American Society of Civil Engineers | Chicago, IL
Assessment and Remediation Team Lead
American Society of Civil Engineers | Regina, SK
Business Development Manager
American Society of Civil Engineers
Sr. Controls Systems Engineer
American Society of Civil Engineers | Grand Island, NE
Senior Project Manager- Transportation
American Society of Civil Engineers | San Antonio, TX
Materials Engineer 2
American Society of Civil Engineers | IL
Land Surveyor
American Society of Civil Engineers
Quality Engineer
American Society of Civil Engineers | Attica, IN
 
Comments
comments powered by Disqus