WASHINGTON, D.C. - DecodeDC has learned that the White House is organizing a big push to address cybersecurity. This comes just two weeks after one of the worst U.S. security breaches was revealed at JPMorgan Chase, and two weeks before midterm Congressional elections are held across the country.
Sources have confirmed to DecodeDC that the White House is putting together a cybersecurity task force of industry leaders, including representatives from the financial and security sectors to look into the problems currently plaguing the country’s critical infrastructure and financial systems. The plan could be announced as early as this week.
The White House also plans to implement chip and pin technology--also known as EMV or, Europay, MasterCard and Visa--within government agencies, according to an industry source.
The task force comes on the heels of an announcement last week by White House cybersecurity coordinator Michael Daniel that the administration hopes to help roll out piecemeal legislation that would, in part, give the Department of Homeland Security a larger role in working with private companies whose systems are compromised.
At an event hosted by the Christian Science Monitor Oct 9, Daniel told the crowd, “I think it's easier to get smaller pieces through rather than one big cybersecurity bill,” saying the administration will focus on "getting whatever we can passed" and using whatever legislation possible.
Members have had little luck passing expansive cybersecurity legislation in the past, but the White House hopes a piecemeal approach will be more successful.
“The computer security and cyber security bills pop up every year, year after year. They started around 2010. Since that year there hasn’t been anything passed,” said Mark Jaycox, legislative analyst for the Electronic Freedom Foundation. “In the past they have tried to include an information sharing bill, a legal immunity bill for companies and a research development bill in one bill—and those bills have failed every time.”
USA Today reports the administration is seeking legislation that would have a large DHS component, at times giving the department more authority to fight cyber terrorists and work with private businesses when cyber breaches are detected --even companies who may not want the extra hand.
But an enhanced DHS role with private companies, when there is already an informal one in place, has also raised some red flags.
“What a shockingly bad idea. You don’t want government dictating good security practice,” said Sascha Meinrath, director of the X-Lab, a privacy conscious technology group. “I can’t think of a better caution than all of the focus on the recent Edward Snowden data. There are conflicting priorities. [The National Security Agency] was staffed to do just this--secure American communications and protect them and it is arguably one of the worst violators of that. So why do we think that having DHS in charge of the data will improve the outcome over time?”
The timing of this White House action may also be politically significant. Congressional midterm elections are only weeks away, and millions of Americans -- many of them voters -- have already been affected by cyber-attacks just this past year.
“Cybersecurity is one of those areas where everyone is in agreement that we have to improve digital information,” said Meinrath. “It’s a non-reactive statement to say we should stop hackers—so it’s a safe thing to talk about before the elections.”