backtop


Print 39 comment(s) - last by MarthaGray22.. on Feb 17 at 9:30 PM

Order has been anticipated for some time now

President Barack Obama (D) has been widely criticized by conservatives for his use of executive orders to push the federal actions he wants when Congress is unwilling to go along with him.  The tactic isn't exactly new (FDR signed nearly 4,500 executive orders) and President Obama hasn't used it all that often (he's signed 144) [source].  But his critics contend his executive orders are more sweeping and loaded with action than past ones, so the small count is misleading.

I. Some Critics Say the Order Goes Too Far...

That criticism may be revived this week if President Obama drops his long-awaited cyberwarfare executive order.

Reuters spoke with government officials who had seen the order and said it is expected for a Wednesday drop.  The order is expected to expand the role the U.S. Department of Homeland Security (DHS) plays in policing the homeland online from both internal and external threats.
 
Obama speaking
President Obama wants to expand the federal gov't to "solve" the cybersecurity "crisis".
[Image Source: U.S. Aid]

 
The expansion of DHS authority alone is enough to make many a bit queasy.  Under President Bush, the new intelligence agency was a key point of controversy from his Democratic and third party critics.

Some Republicans even opposed the DHS under both Bush and Obama, although they're a drastic minority in Congress.  Perhaps most notable is Rep. Ron Paul (R-Texas) who has suggested that the Department of Homeland Security is poor in talent, offensive to civil liberties, and redundant, commenting [source]:

Before 9/11, we were spending $40 billion a year, and the FBI was producing numerous information about people being trained on airplanes, to fly them but not land them. And they totally ignored them. So it’s the inefficiency of the bureaucracy that is the problem. So, increasing this with the Department of Homeland Security and spending more money doesn’t absolve us of the problem. Yes, we have every right in the world to know something about intelligence gathering. But we have to have intelligent people interpreting this information.

But like it or not, Ron Paul and his supporters on the left and right may be unable to stop President Obama from pushing through the plan.

II. ...Others Complain It's Too Weak

One thing that will make it difficult to rally Congressional opposition to the order is that the order itself is actually relatively similar to the bills put forth by bipartisan committees in both the House and Senate last year.

In reality, most Congressional Democrats and Republicans agreed that some sort of increase in cyberdefense spending and more codified framework for public-private sharing of information on threats was necessary.  Both plans involved incorporating the DHS into those roles.  So on the surface at least the pending executive order does not sound all that different from what either the House or Senate had agreed upon.

Ultimately, neither bill passed last year, thanks largely to partisan bickering.  While the House bill and Senate bill were remarkably similar, the Republican controlled house insisted on its version being passed, while the Democratic controlled Senate demanded its bill be the final version.  Ultimately that gridlock sunk both bills, when a series of small changes would likely have been enough to reconcile the differences between the two bills.
 
Congress Buillding wide
Despite drafting nearly identical bills last year, the House and Senate were not able to reach agreement, due largely to partisan bickering. [Image Source: U.S. Congress]
 
The U.S. Federal Bureau of Investigation (FBI) is among the cyberdefense agencies frustrated by that bureaucratic train wreck.  But officials to acknowledge that it won't be easy convincing the private sector to trust federal security.

Comments FBI Executive Assistant Director Richard McFeely, head of the Criminal, Cyber, Response and Services Branch, "Our biggest issue right now is getting the private sector to a comfort level so they can report anomalies, malware, incidents within their network [without them fearing media leaks]."

Reportedly the information sharing portions of the order will be voluntary for most businesses.  

Indeed, despite the controversy over what the order does do, there's also some concern/criticism about how much it doesn't get done.  Comments one source to Reuters -- "We know the executive order isn't going to go as far as legislation could or will go, but it's a good start."

Stewart Baker, former National Security Agency (NSA) general counsel and a past assistant secretary for policy at the DHS comments, "I think this can fairly be described as a down payment on legislation.  [It should do something positive], but whether it will provide practical protection from cyber attacks is still in doubt."

Source: Reuters



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Don't get it
By Ammohunt on 2/12/2013 2:24:25 PM , Rating: 2
What can the inept Government provide as far as "Cyber Security" that private companies can't for themselves? I would be hugely wary of any security proposals derived from the Feds if i were a business owner. As far as i can tell the FBI along with the likes of Microsoft are doing a fair job in busting up botnets and cracking down on security threats why add a DHS layer of bureaucracy?




RE: Don't get it
By Milliamp on 2/12/2013 2:35:09 PM , Rating: 2
I suppose the answer is probably investigation. A companies capabilities mostly stop at hardening their own defenses.


RE: Don't get it
By ianweck on 2/12/2013 2:37:19 PM , Rating: 3
You ask me, seems both the Government and private companies are doing a piss-poor job of cyber security. Almost like they're trying to out-do one another.


RE: Don't get it
By nafhan on 2/12/2013 2:58:13 PM , Rating: 2
What can they provide? Plenty. If for no other reason than they've got the authority to pass new laws when applicable.

What will they do? That's what I'm worried about. We'll have to wait and see, but it sounds as if the most significant piece of this might end up being further power consolidation for DHS, which is actually more concerning to me than cyber-security issues.

I would highly recommend reading up on VIPR teams and what they're allowed to do if you have not done so!


RE: Don't get it
By JediJeb on 2/12/2013 6:07:47 PM , Rating: 2
quote:
What can they provide? Plenty. If for no other reason than they've got the authority to pass new laws when applicable.


The authority to pass new laws is of no consequence if the laws do not cover what needs to be done to secure a network!

If they pass a law that says it is illegal to hack into a public or private network, all that does is make the act illegal, not provide security. A law that would require all networks to run a certain type of security protocol would only make it so that once that protocol was broken, all networks would be vulnerable because they all run the same protocol. The only law that could be passed either through Congress or by executive order that will do any good at all will be one that authorized someone to take action against the intruder of a network in a swift and decisive fashion. Forcing private networks to open up to Federal scrutiny will do nothing to help the problem. Maybe holding the owners of such networks criminally liable for any damages incurred by a breach would provide an incentive to keep them more secure, but still would do nothing to physically secure the networks.

Short of mandating a physical disconnect of all domestic networks from any network outside the United States, no law will protect the US from outside cyber attacks, only vigilant network operators can have any effect at all.


RE: Don't get it
By nafhan on 2/13/2013 9:37:16 AM , Rating: 2
That's why I made the comment about being more concerned that this is a power grab by DHS...


RE: Don't get it
By Azethoth on 2/12/2013 3:47:20 PM , Rating: 3
Script kiddies and criminals with botnets are not the problem. Russia and China engaging in wholesale theft is the problem. Weird, I do not see your magic solution doing anything about that.


RE: Don't get it
By TSS on 2/12/2013 9:12:40 PM , Rating: 3
Replacing inept private business management with inept government management isn't a sollution either.

Start requiring managers (not personell, managers) to have atleast some experience with IT security before they even get the position, now that'll fix the problem, both in government and in private business. People who, when you ask them to choose between "well we can get another 1% of profit if we skimp on IT security but if we get hacked, it's all over", they forgo the profit and go with the security.

Government is the same thing just replace "profit" with "amount of regulations". more regulations =/= more security (but it is more work for civil workers thus the choice of more regulations currently).


RE: Don't get it
By NellyFromMA on 2/12/2013 4:29:43 PM , Rating: 2
While at first I am not for this executive order in its current standing, to answer your question...

I think the issue is that the private sector has been left to cover itself already and has failed miserably. The number of domestic-bound attacks / hacks in the passed 5 years alone is scary, nevermind how many of them took place in the last 2-3.

The private sector in many ways is too diverse to generalize as inept in this regard, and yet, the multitude of successful intrusions and the various markets these attacks penetrated is alarming at best. That is the problem.

The solution... not as easy to identify. Is it the public sectors responsibility to come swooping in to save the day here? Normally the thought causes me to cringe and naysay (with good reason most of the time). However, the stakes probably can't be larger in this scenario.

We have attacks we can only try to ID by attack surface, or style / signature that are occurring on national infrastructure, banking, defense... we beleive they are largely other nations but they could be other foreign entities (non-sovereign).

America can not act on what it thinks any longer, it must act on what it knows. Particularly since China's primary offense and defense is deception-based.

In light of this, the public sector and truly society at large is essentially under attack. Something must be done... this bill... idk if its appropriate for the situation honestly.

We don't really seem to have a problem with domestic hackers attacking domestic end points. It's foreign hacking that is largely the problem. I think it calls further into question how we respond to and react to these 'cyber attacks'. The problem is, if you can't definitively identify the attacker, how can you really take action against them. That's less information than we thought we had before invading Iraq in 03.

It's a really tough issue, and IMO the most important issue we have as a nation... I'll even go so far as to say hacking has a role in the current state of our economy and so I rank it even above our economy's health as a national priority.

Ultimately the public sector's involvement is largely because of the private sector's lack of involvement. What the public sector can do that the private sector can't is a good question though. Presumably direct access to telecom infrastructure helps?


RE: Don't get it
By Reclaimer77 on 2/12/2013 4:59:11 PM , Rating: 3
quote:
I think the issue is that the private sector has been left to cover itself already and has failed miserably. The number of domestic-bound attacks / hacks in the passed 5 years alone is scary, nevermind how many of them took place in the last 2-3. The private sector in many ways is too diverse to generalize as inept in this regard, and yet, the multitude of successful intrusions and the various markets these attacks penetrated is alarming at best. That is the problem.


I don't think you (we) have enough information to make that judgement. We only hear about the big high profile hacks. We don't hear about the hundreds or thousands of ones that are stopped cold by private sector security do we? So without the hard facts and numbers, how can we make that estimation?


RE: Don't get it
By Reclaimer77 on 2/12/2013 4:53:36 PM , Rating: 5
This isn't about security, it's about spending more money and consolidating more power.

The Imperial Presidency continues. Our Representatives, who are Constitutionally mandated to pass laws and make policies, are once again usurped in favor of Executive action.

I guess he learned from Obamacare. Why bring stuff like this into a public debate and take the risk of the American public having a chance to be informed and take sides? Just magic things into existence with the stroke of a pen, Democracy be damned.


RE: Don't get it
By room200 on 2/12/2013 7:58:22 PM , Rating: 2
President Obama has used the Executive Order the least of most presidents including Bush I, Bush II, and Clinton.


RE: Don't get it
By Alexvrb on 2/12/2013 10:52:13 PM , Rating: 2
The quantity isn't a problem in and of itself. The scope is a problem. The lack of boundaries is a problem. The problem is not just Obama, its where the system is headed as a whole.

Who can really do anything if the Executive branch decides to run rampant? Where's the enforcement? Much of Congress is in his pocket and without them the rest are feeble. In the coming years reliance on the Judicial branch to keep things upright is going to become a thing of the past, as they are nearing the tipping point themselves.


RE: Don't get it
By room200 on 2/12/2013 8:06:51 PM , Rating: 2
It was an up or down vote. 219-212. Republicans LOST the VOTE . Nine years ago, George W. Bush used reconciliation to pass $1.3 TRILLION in tax cuts that went mostly to the wealthiest Americans. The Democrats LOST that VOTE.
Don't hate the player...hate the game. Now stop f$%cking whining all the time.


RE: Don't get it
By arthur449 on 2/13/2013 2:42:33 PM , Rating: 2
In situations such as this, where mandating policies and procedures in a timely fashion is required, bypassing the legislative branch (which is at an all time low in terms of public approval anyway) is the best course of action if something is actually going to get done.

Now, granting this responsibility to the redundant, inept, and unnecessary DHS is where I find fault. At least, I suppose, it wasn't cryptically left to the TSA.


RE: Don't get it
By Ammohunt on 2/14/2013 10:51:28 AM , Rating: 2
Whatever reasoning you or anyone comes up with the fact is that this is not the way the system was designed to work. Passing laws is the sole duty of the legislative branch anything other than that is a potential abuse of power and should be challenged like the Labor board appointments.


RE: Don't get it
By Reclaimer77 on 2/14/2013 4:25:07 PM , Rating: 2
That's not a Democracy or a Republic. "Do what I want fast, or I'll do it myself". Sounds like something a tyrant or King would say. This is America, remember?

The founders of this country specifically saddled the office of the President with a Congress, as a check to his power. Notice I said saddled, as in burdened. The reason for this is so no President could just get what he wanted, all the time, on every issue, without the people being involved. Congress are the people's representatives.


RE: Don't get it
By Alexvrb on 2/12/2013 10:43:34 PM , Rating: 2
They should completely shut down the DHS, and give half the reclaimed money to the more useful agencies. Like the FBI. The rest would just be part of the cutting we should be doing anyway.

Anyway, the Emperor just issues an order when Congress doesn't do as the he demands. Checks and balances WHERE? It gets even worse when you see the Supreme Court getting loaded with activist "judges". How can you uphold the Constitution when your very purpose is to subvert it, altering its meaning to suit your political purposes?


RE: Don't get it
By Ammohunt on 2/13/2013 10:23:45 AM , Rating: 2
I agree need evidence? see the State of the Union address last night. One thing about it that jumped out at me was the call to raise the minimum wage to $9 an hour! He is utterly clueless on how wealth is generated; raising the minimum wage would be a gigantic job killer and raise the costs of pretty much everything causing even more economic hardships for everyone. Seriously he is actively trying to destroy this country.


RE: Don't get it
By Reclaimer77 on 2/13/2013 4:44:28 PM , Rating: 1
Obama is insane, that's all there is to it. He's a big fan of Unions as we know. But he actually believes he can run this country like one and it will somehow work. First Obamacare requires everyone to have health insurance weather they need it or want it. Now he's going to directly tamper with wages. On top of the zillions of new regulations and employer mandates he put in place in his first term!

$9 minimum wage, unless you're a moron, is an absolute non-starter from an economic standpoint. The full-time employment sector will be wrecked. Prices on everything will jump up, again. And all his bitching about "outsourcing"? Well congratulations, you just gave the free-market another HUGE incentive to continue outsourcing. As if all your taxes and fees and other burdens weren't already enough!!

quote:
He is utterly clueless on how wealth is generated


That's just the thing, he does understand how it's generated. He just hates that it is. He believes in wealth redistribution, not wealth generation. Better for everyone to be equally miserable, than for some to rise above others. That's how "Progressives" see fairness.

The debate (if there even was one) is officially over. If anyone can still look you in the eyes after last-nights speech, and proclaim Obama to NOT be a socialist and typical 'tax and spend' Liberal, their being willfully ignorant.

quote:
Seriously he is actively trying to destroy this country.


We've been saying this for 4 years. But when you have 50% of the country paying no taxes, and getting mostly a free ride, the voters don't care. We've officially hit that "tipping point" we've all been worried about.


RE: Don't get it
By room200 on 2/13/2013 11:48:07 PM , Rating: 2
Where's your evidence that it would be a "gigantic job killer"? Republicans claim this crap every time the minimum wage is increased and it is NEVER true. You can't show any eveidence that proves what you're saying.


"If you look at the last five years, if you look at what major innovations have occurred in computing technology, every single one of them came from AMD. Not a single innovation came from Intel." -- AMD CEO Hector Ruiz in 2007














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki