Having a well-balanced backup and disaster recovery plan involves a lot of things, one of which is preparing for threats before they become an issue. Preparing for threats is a very large task, especially for a government mitigating the danger of cyber-attacks. Luckily, a new executive order might help the U.S. government fortify its cyber security protocols.
A recent article on CRN.com explains that in the interest of protecting the security interests of the United States, President Obama is allegedly drafting an executive order focused on cyber security. Many of the critical infrastructures in the U.S. rely on computer systems, and according to the article, many of these systems are outmoded and pose a security risk for cyber-attacks.
The Associated Press reportedly obtained a draft copy of the proposed order that will create a council in charge of cyber security for the nation’s infrastructure, under the Department of Homeland Security.
CRN explains that the panel would likely be made of representatives from several government agencies, including the Department of Defense, and the Department of Commerce’s National Institute of Standards and Technology. The panel would issue a report on various threats and vulnerabilities of the nation’s critical infrastructure, and make recommendations for protection. The recommendations may include the modification of present procedures and the addition of new ones.
The article says that critical infrastructure, including gas pipelines, water supply, transport, and power grids, are on systems with outmoded information security measures which could make them susceptible to attack from weapons-grade malware that may be available to enemies of the U.S.
While most agree that national cyber security is a growing issue, and that new mandates need to be put into action, some disagree that an executive order is the proper process to implement them. Critics explain that because of the nature of an executive order, there is no room for the democratic exchange of ideas and that congress couldn’t propose alternatives.
While the executive order is by no means concrete at this point, the article mentions that a few cyber bills have gone through senate already. While these bills have good intentions going in, they become distant shadows of the original once the senate passes them, and many important things are often left out, which leaves people to wonder if an executive order is necessary to ensure that important items are included.
Experts claim that although the government currently has line items for information security items like anti-virus and firewall issues, they are all flawed and dependent on old technology. The current requirements are not on track with the available technologies, and need an update.
According to the article, experts agree that an attack upon critical national infrastructure is more than likely to happen. Weapons grade malware and viruses do exist, and have been used. It’s important for the United States to protect its critical infrastructure in a world where cyber-attacks can be considered a legitimate act of war.