The First Salvo from the White House on Cybersecurity

Earlier today, the White House issued a letter addressed to Senator Jay Rockefeller, Chairman of the Senate Commerce, Science, and Transportation Committee, signed by John O. Brennan, Assistant to the President for Homeland Security and Counterterrorism.

The letter states “the President is determined to use existing executive branch authorities to protect our nation against cyber threats.” This letter makes clear that in the absence of comprehensive cybersecurity legislation the White House will issue an Executive Order aimed at owners and/or operators of critical infrastructures. The order would require owners and operators of critical infrastructures to develop best practices in coordination with the federal government to protect against cyber threats and attacks.

The letter clarifies that the White House supports an information sharing and “best practices” approach between the federal government and the private sector. It does not shed light on whether penalties and/or liabilities would be imposed on those providers and/or owners who fail to comply with such as Executive Order. The issue of mandates, penalties, and liabilities is a key point of contention between Democratic and Republican Leadership, and it is not surprising that the letter is silent on the issue. Nevertheless, for those critical infrastructure providers and/or operators that “are already meeting these recommended best practices, nothing more would be expected.”

The release of this letter now shifts the focus to Republican Leadership in both Chambers to await their response to the first salvo from the White House on the cybersecurity debate. By all accounts, securing passage of a major cybersecurity bill would be a herculean effort prior to the November election. We will wait and see how things unfold and will report back as details emerge.