Thursday, September 27, 2012

Cyber order should focus on critical infrastructure

Sen. Ron Wyden (D-Ore.) said the White House's cyberesecurity executive order should clearly state that it applies only to companies that operate critical infrastructure and not Web companies that provide online search and social networking services.

In a letter sent to White House Cybersecurity Coordinator Michael Daniel on Wednesday, Wyden argued that "networks that facilitate commerce, provide search services or are platforms for social networking and speech, vulnerabilities are unlikely to constitute threats to our national security." For this reason, the Oregon Democrat said the executive order should make clear that it's focused on strengthening the security of computer networks and systems running critical infrastructure such as energy, water and transportation systems. 

"It would be a profound mistake to subject our growing digital economy to onerous new cyber rules and regulations that stifle innovation, creativity, and job growth," Wyden said in the letter. "Such rules will not serve to combat the real threat to the nation's critical infrastructure and national security." 

After the Senate failed to pass a sweeping cybersecurity bill this summer, the White House has decided to move ahead on its own and draft an executive order that would protect critical infrastructure from cyberattacks. 

In the letter, Wyden said the White House should focus on establishing cybersecurity outcomes and goals when drafting the order, rather than dictate "the methods by which that security is achieved." This would enable companies to choose whatever type of security software and technology they want to secure their computer systems.

He added that the executive order should not jeopardize Americans' privacy and civil liberties in the name of cybersecurity. Wyden had raised a similar warning when the Senate was considering Sen. Joe Lieberman's (I-Conn.) cybersecurity bill before the August recess. 

"Cybersecurity proposals need not license the government to unnecessarily obtain and snoop through people's electronic communication in order to combat cyberattacks," he said. 

No comments: