From: Politico Pro
By TONY ROMM
Nearly a year after President Barack Obama issued an executive order to improve the cybersecurity of the nation’s vital assets, the administration doesn’t have much to show: The government is about to produce only some basic standards, with little incentive for the private sector to participate.
The program’s early weaknesses are a sign that — even as high-profile breaches at Target and other retailers compromise the data of millions of consumers — the White House and Congress have made minimal progress on the potentially more serious issue of protecting power plants, oil pipelines and major banks from a crippling cyberattack.
The administration’s blueprint for such “critical infrastructure,” due this month, is shaping up to be a simple checklist, mirroring well-established industry norms. The standards are entirely voluntary and, so far at least, the White House and Congress haven’t come up with much-needed perks — like tax breaks or federal contracting advantages — that could spur companies to take part.
Top White House officials are already hitting the road to pitch the plan to the country’s business leaders — but in Washington, there’s broad agreement that much more work needs to be done.
“Either Congress will have to really put some muscle behind it, or the regulators … will have to pick up the baton,” said Michael Chertoff, former Homeland Security secretary under President George W. Bush and now a cybersecurity consultant with The Chertoff Group. “I wouldn’t say we’re at the end of the journey.”
Leave a Reply