• The Heritage Network
    • Resize:
    • A
    • A
    • A
  • Donate
  • Cybersecurity Will Not Be Solved by a New Executive Order

    The nation does not deserve a cybersecurity solution that is rushed through by executive order. The current draft cyber executive order is being seen by some as a long-awaited panacea for the “lack” of motivation of critical industry to secure itself. This is ridiculous.

    Presently, the reason for businesses not sharing information on cyber intrusions has little to do with motivation or laziness. It has to do with the financial and business choices made by management. If reporting an intrusion will hurt your company, and will do little or nothing to help others, why do it? If a major company thinks that sharing information exposes them to damage on the stock market, or that it will be too late in providing the relevant attack data to companies in a similar sector, it provides little incentive to share.

    Add to that the concern that proprietary information might become exposed through Freedom of Information Act (FOIA) requests once it becomes “government property.” Finally, add that sharing that information may put those companies at risk for litigation by anyone affected by that sharing, and you can see who is at fault for the lack of sharing. It is not business.

    It is important to note that an executive order cannot add some of these critical protections; only legislation can. A cyber executive order falls far short and, if anything, slows down Congress, which now has to navigate new regulations and executive standards.

    Do we need to improve cybersecurity? Absolutely, yes. Should the government play a role in that improvement effort? Without a doubt, yes. How can we square this circle?

    First, any new law must provide businesses with protection from the above-mentioned concerns without telling them exactly which cybersecurity approach to take. Businesses need to be incentivized to do better security, but this does not mean tax breaks or other monetary benefits. No business should expect to be “paid” to protect itself, but they do need to be assured that making the right policy decision on security will not cost them money (beyond the investment) in litigation or needless public shame, and that the risk they take in sharing will actually be beneficial to others.

    The cyber executive order offers little beyond the pride in “doing something” (and doing it before Election Day) and a new set of standards. The claim that these will all be voluntary and will not result in a new bureaucratic and regulatory superstructure is so transparently thin as to be a joke. Such a move might make politicians happy, but it will add little additional security.

    A cybersecurity executive order is poor policy, Mr. President—we can do better.

    Posted in Ongoing Priorities [slideshow_deploy]

    2 Responses to Cybersecurity Will Not Be Solved by a New Executive Order

    1. MollysYes says:

      Not to mention, if Obama DOES push this through before the election, he is sure to lose.

      Cyber security is a scary thought to everyone, conservatives and liberals alike, and word is already out about the possibility of this. People do NOT want the government to have that much power.

      This is a double edged sword- I do not want this, especially this way- but if Obama signs it, he seals his fate as POTUS.

    2. Mary says:

      He's gone around Congress far too many times when it was unnecessary while usurping their authority in his total disregard for the rule of law.

    Comments are subject to approval and moderation. We remind everyone that The Heritage Foundation promotes a civil society where ideas and debate flourish. Please be respectful of each other and the subjects of any criticism. While we may not always agree on policy, we should all agree that being appropriately informed is everyone's intention visiting this site. Profanity, lewdness, personal attacks, and other forms of incivility will not be tolerated. Please keep your thoughts brief and avoid ALL CAPS. While we respect your first amendment rights, we are obligated to our readers to maintain these standards. Thanks for joining the conversation.

    Big Government Is NOT the Answer

    Your tax dollars are being spent on programs that we really don't need.

    I Agree I Disagree ×

    Get Heritage In Your Inbox — FREE!

    Heritage Foundation e-mails keep you updated on the ongoing policy battles in Washington and around the country.