White House's Fixation on CybersecurityIT Security on Obama's Agenda in His Meeting with Congress
Cybersecurity, indeed, is getting more attention from the White House.
During President Obama's first term in office, except for the fanfare surrounding the announcement of his cyberspace policy in 2009 [see The President's 10-Point Cybersecurity Action Plan], hardly a word was heard from him regarding cybersecurity. And then during his re-election campaign, cybersecurity received scant mention [see Cybersecurity: Obama vs. Romney].
We have certainly seen some willingness on the part of multiple committees up on the Hill to have a good dialogue on this space.
But in recent weeks, the rhetoric from the White House and the president himself finally adds proof to the long-time claim that cybersecurity is a top administration priority.
Talking Cybersecurity on the Hill
While cybersecurity might not get the same attention from the White House as does the federal budget and deficit reduction, immigration reform and reducing gun violence, it's far from being ignored these days. Cybersecurity will be on the agenda when President Obama visits lawmakers in the Capitol this week.
White House Press Secretary Jay Carney, in his daily briefing of the White House press corps on March 11, volunteered that "the need for Congress to take action on cybersecurity" legislation will be raised when the president makes three trips down Pennsylvania Avenue this week to meet with Congress.
The Obama administration is ratcheting up its attention to cybersecurity. In his State of the Union address last month, Obama called on Congress to enact cybersecurity legislation to enhance his executive order calling for information sharing between government and business and establishing IT security best practices [see Obama Issues Cybersecurity Executive Order and State of the Union: Cybersecurity Word Count].
Spreading the Obama Security Gospel
Two weeks ago, the Obama administration was very visible promoting its cybersecurity agenda at the annual RSA Conference. White House Cybersecurity Coordinator Michael Daniel and Homeland Security Deputy Undersecretary for Cybersecurity Mark Weatherford spent a good part of the week in San Francisco touting the administration's cybersecurity agenda on RSA panels, in private discussions and in interviews [listen to Daniel Sees Path to New Infosec Law and watch video DHS's Weatherford on Cybersecurity Workforce]. FBI Director Robert Mueller, after delivering his RSA keynote address, met privately with a number of IT security leaders from business, including Cisco Chief Security Officer John Stewart, Intel Chief Information Officer Malcolm Harkins and Melissa Hathaway, who led President Obama's cyberspace review in 2009 and now provides advice to businesses and governments.
Also on March 11, White House National Security Adviser Tom Donilon in a speech said the administration is asking the Chinese government to stop cyber-intrusions originating in China against American corporations to steal intellectual property [see U.S. Asks China to Probe, Stop Cyber-Intrusions].
Ending Partisan Bickering?
Cybersecurity had been considered a bipartisan issue until the past Congress, when political divides surfaced, mostly over the role the federal government should play on developing IT security standards for critical infrastructure owners, safeguarding citizens' privacy and how far Congress should go in enacting a law to protect businesses against lawsuits when companies share secrets about cyberthreats. Partisan bickering prevented Congress from enacting significant cybersecurity legislation last year [see Senate, Again, Fails to Halt Filibuster].
Obama's face-to-face meetings with lawmakers on their turf are seen as significant steps by the president to try to reach compromise on a number of these issues, and there have been signals from Democrats and Republicans that they're willing to find compromise, at least on cybersecurity.
At a Senate hearing on cybersecurity last week, Republican lawmakers were restrained on vocalizing their objections to Obama cybersecurity policies. Indeed, the sponsors of Cyber Intelligence and Sharing Protection Act - which President Obama last year threatened to veto [see Obama Threatens to Veto Cybersecurity Bill] - have expressed a readiness to find common ground on IT security legislation [see Is Compromise in Offing for CISPA?]. In an interview I recently had with Daniel, the cybersecurity coordinator said the administration, unlike last year, doesn't plan to propose its own cybersecurity legislation, but intends to work with Congress to come up with appropriate new laws.
"We believe in that principles outlined in that package of legislation we still support and we're still behind, but I would say we're more focused on continuing to engage with Congress as they work through their normal processes," Daniel said. "You hear them talk about the regular order. We certainly want to work with the various Congressional committees as they come up with their bills."
Hopes Lie with Lobbyist-in-Chief
Now, Lobbyist-in-Chief Obama heads to Capitol Hill. Will these meetings make a difference?
Daniel, with whom I spoke shortly before the president's Capitol Hill visits were revealed, seems cautiously optimistic:
"We have certainly seen some willingness on the part of multiple committees up on the Hill to have a good dialogue on this space. From the administration's standpoint, we will continue to push for legislation that matches up with our principles that we think can pass both the House, the Senate and eventually to be signed by the president. I'm hopeful that we can accomplish that, but of course, as everybody knows, this is a very difficult political environment. We'll keep working at that and see what we can achieve."