Congressional inaction on cybersecurity legislation is pushing the Obama Administration to implement its own cybersecurity rules through Administrative Orders. Senate leaders have long sought agreement on new legislation that would enhance and protect the nation’s information technology and computer systems, based on expert advice from leaders in the field. Agreement on how extensive new requirements should be and whether the federal government or the private sector should be defining the framework has produced a legislative impasse for the past two years. Staff in the White House, Senate and House had several negotiating sessions during the August recess but negotiators failed to produce a majority-winning compromise. Senate Majority Leader Harry Reid (D-NV) has reportedly reserved time on the Senate floor in October for consideration, industry leaders claiming this was the last best time for consideration in the current Congress.
Meanwhile, the White House has reportedly drafted an executive order that would, through regulatory authority, accomplish much of what has been deemed non-controversial by negotiators. According to the Democratic Party’s 2012 platform released Sept. 3, Obama supports the Senate cybersecurity bill, but “going forward, the President will continue to take executive action to strengthen and update our cyber defenses.” Senators Dianne Feinstein (D-CA) and John Rockefeller (D-WV) wrote the President last month saying that they endorsed the President’s approach, acknowledging little path beyond the legislative impasse.