The Pentagon wants Congress to pass a cybersecurity bill to safeguard critical assets such as the power grid. But Senate efforts failed, meaning President Obama might issue an executive order.
With new cybersecurity legislation failing to pass the Senate this week, expectations are growing that the White House will soon step in with an executive order to shore up cyberdefenses for the power grid, water purification, and other vital systems.
White House officials have said that while the president prefers a broad legislative solution, the executive branch would have to act this year if Congress did not. A document purporting to be a leaked draft of the executive order has been on the Internet since September.
The possibility of a congressional solution this year appeared to be shot down Wednesday with the failure of a Senate cybersecurity bill introduced by Sens. Joe Lieberman (I) of Connecticut and Susan Collins (R) of Maine. Under the bill, operators of natural-gas pipelines, refineries, water-supply systems, and other vital assets would have been asked to voluntarily submit their computer networks to security testing by the Department of Homeland Security (DHS). In return, those industries would have gotten federal protection from financial liability.
An executive order could achieve some of these goals, but could not offer a liability exemption, making it potentially much more difficult for DHS to persuade private computer networks – which control 85 percent of the nation's critical infrastructure – to cooperate.