By Shepard Ambellas
President Obama likely intends to sign a new executive order on Cybersecurity expanding dictatorial powers most likely giving the Department of Homeland Security (DHS) even more control over infrastructure. Forming adequate cybersecurity protection as an individual, private corporation, or government entity is a task in present times as technology, hackers, and cyber terrorists are advancing at rapid rates.
But should it be up to the government to be in charge of our individual, private, and corporate cyber security issues? Apparently the Obama Administration thinks so. In fact he is so adamant on the issue that he is planning to circumvent the Senate with an Executive Order (EO) as they have failed to pass S. 3414, the 2012 Cyber Security Act (CSA) twice now in a lame duck session.
But why is the government so interested in the cyber security of individual private corporations, and infrastructure? It is logical to assume the government would want to protect secure government operations, and installations including critical infrastructure, but with the new Executive Order private corporations would be required to submit sensitive security data to the government by law. The first part of the Presidential draft of the Executive Order entitled “IMPROVING CRITICAL INFRASTRUCTURE CYBERSECURlTY” submitted late November 2012 reads;
By the Authority vested in me as President by the Constitution and laws of the United States of America, it is hereby ordered as follows:
Sec. I. Policy. Repeated cyber intrusions into critical infrastructure demonstrate the need for improved cybersecurity. The cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront. The national and economic security of the United States depends on the reliable functioning of the Nation’s critical infrastructure in the face of such threats. It is the policy of the United States to enhance the protection and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties. We will achieve these goals through a partnership with the owners and operators of critical infrastructure that includes cybersecurity information sharing and the collaborative development and the adoption of risk based standards.
The first paragraph of the proposed Executive Order spells it out, it is a forced partnership between government and private corporations and/or individuals. But why else would the Obama administration be so adamant on passing a “Cybersecurity Act”? This very question might be answered in the failed senate bill.
It’s interesting to point out that in SEC 404 of S. 3414, the 2012 Cyber Security Act (CSA) entitled “FEDERAL CYBER SCHOLARSHIP-FOR-SERVICE PROGRAM”reads;
SEC. 404. FEDERAL CYBER SCHOLARSHIP-FOR-SERVICE PROGRAM.
(a) IN GENERAL.—The Director of the National Science Foundation, in coordination with the Secretary, shall establish a Federal Cyber Scholarship-for-Service program to recruit and train the next generation of information technology professionals, industry control system security professionals, and security managers to meet the
- 1 needs of the cybersecurity mission for the Federal Govern-
- 2 ment and State, local, and tribal governments.
- 3 (b) PROGRAM DESCRIPTION AND COMPONENTS.—
- 4 The program established under subsection (a) shall—
- 5 (1) incorporate findings from the assessment
- 6 and development of the strategy under section 405;
- 7 (2) provide not more than 1,000 scholarships
- 8 per year, to students who are enrolled in a program
- 9 of study at an institution of higher education leading
- 10 to a degree or specialized program certification in
- 11 the cybersecurity field, in an amount that covers
- 12 each student’s tuition and fees at the institution and
- 13 provides the student with an additional stipend;
- 14 (3) require each scholarship recipient, as a condition of receiving a scholarship under the program,
- 16 to enter into an agreement under which the recipient
- 17 agrees to work in the cybersecurity mission of a
- 18 Federal, State, local, or tribal agency for a period
- 19 equal to the length of the scholarship following receipt of the student’s degree if offered employment
- 21 in that field by a Federal, State, local, or tribal
- 22 agency;
- 23 (4) provide a procedure by which the National
- 24 Science Foundation or a Federal agency may, consistent with regulations of the Office of Personnel
Management, request and fund security clearances for scholarship recipients, including providing for clearances during summer internships and after the recipient receives the degree; and
(5) provide opportunities for students to receive temporary appointments for meaningful employment in the cyber security mission of a Federal agency during school vacation periods and for internships. (c) HIRING AUTHORITY.—
(1) IN GENERAL.—For purposes of any law or regulation governing the appointment of individuals in the Federal civil service, upon receiving a degree for which an individual received a scholarship under this section, the individual shall be—
(A) hired under the authority provided for in section 213.3102(r) of title 5, Code of Federal Regulations; and
(B) exempt from competitive service.
(2) COMPETITIVE SERVICE POSITION.—Upon satisfactory fulfillment of the service term of an individual hired under paragraph (1), the individual may be converted to a competitive service position without competition if the individual meets the requirements for that position.
(d) ELIGIBILITY.—To be eligible to receive a scholar- ship under this section, an individual shall—
(1) be a citizen or lawful permanent resident of the United States;
(2) demonstrate a commitment to a career in improving the security of information infrastructure; and
(3) have demonstrated a high level of pro- ficiency in mathematics, engineering, or computer sciences.
(e) REPAYMENT.—If a recipient of a scholarship
under this section does not meet the terms of the scholar- ship program, the recipient shall refund the scholarship payments in accordance with rules established by the Di- rector of the National Science Foundation, in coordination with the Secretary.
(f) EVALUATION AND REPORT.—The Director of the National Science Foundation shall evaluate and report periodically to Congress on the success of recruiting individ- uals for the scholarships and on hiring and retaining those individuals in the public sector workforce.
These trainees will then eventually become Federal employees. The bill continues to explain how all Federal Contractors will be required to have cyber security training;
SEC. 407. TRAINING AND EDUCATION.
(a) DEFINITION.—In this section, the term ‘‘agency information infrastructure’’ means the Federal information infrastructure of a Federal agency.
(1) FEDERAL GOVERNMENT EMPLOYEES AND
FEDERAL CONTRACTORS.—The Director of the Office of Personnel Management, in coordination with the Secretary, the Director of National Intelligence, the Secretary of Defense, and the Chief Information Officers Council established under section 3603 of title 44, United States Code, shall establish a cybersecurity awareness and education curriculum that shall be required for all Federal employees and contractors engaged in the design, development, or operation of an agency information infrastructure or the Federal information infrastructure.
(2) CONTENTS.—The curriculum established under paragraph (1) shall include, at a minimum— (A) role-based security awareness training;
(B) recommended cybersecurity practices;
(C) cybersecurity recommendations for traveling abroad;
(D) unclassified counterintelligence information;
(E) information regarding industrial espionage;
(F) information regarding malicious activity online;
(G) information regarding cybersecurity and law enforcement;
(H) identity management information;
HEN12160 S.L.C. 133
- 1 (I) information regarding supply chain se-
- 2 curity;
- 3 (J) information security risks associated
- 4 with the activities of Federal employees and
- 5 contractors; and
- 6 (K) the responsibilities of Federal employ-
- 7 ees and contractors in complying with policies
- 8 and procedures designed to reduce information
- 9 security risks identified under subparagraph
- 10 (J).
- 11 (3) FEDERAL CYBERSECURITY PROFES-
- 12 SIONALS.—The Director of the Office of Personnel
- 13 Management in conjunction with the Secretary, the
- 14 Director of National Intelligence, the Secretary of
- 15 Defense, the Director of the Office of Management
- 16 and Budget, and, as appropriate, colleges, univer-
- 17 sities, and nonprofit organizations with cybersecurity
- 18 training expertise, shall develop a program to pro-
- 19 vide training to improve and enhance the skills and
- 20 capabilities of Federal employees engaged in the cy-
- cybersecurity mission, including training specific to the
- 22 acquisition workforce.
- 23 (4) HEADS OF FEDERAL AGENCIES.—Not later
- 24 than 30 days after the date on which an individual
- 25 is appointed to a position at level I or II of the Ex-
HEN12160 S.L.C. 134
- 1 ecutive Schedule, the Secretary and the Director of
- 2 National Intelligence shall provide that individual
- 3 with a cybersecurity threat briefing.
- 4 (5) CERTIFICATION.—The head of each Federal
- 5 agency shall include in the annual report required
- 6 under section 3554(c) of title 44, United States
- 7 Code, as amended by this Act, a certification regard-
- 8 ing whether all employees and contractors of the
- 9 Federal agency have completed the training required
- 10 under this subsection.
- 11 (c) EDUCATION.—
Essentially what the Obama Administration wants from this failed senate bill is an all out Hitlerian style intergovernmental spy ring that ultimately will turn the country into a total self policing slave society with lack of individual thought, expression, or liberties. If the senate won’t pass it, don’t fear your Dictator-in-Chief will by way of executive order.
According to a report written by Jason Miller;
The draft order gives agencies several deadlines to meet, either by writing reports or creating and implementing frameworks.
For instance, 90 days after the EO is signed by President Barack Obama, the cybersecurity council — led by the Homeland Security Department secretary — must develop a report to determine which agencies should regulate which parts of the critical infrastructure. The creation of the council is in section 2 of the draft EO.
Under earlier cyber bills, DHS would take the lead in regulation, and that concerned some lawmakers and experts. It was a major sticking point in moving forward with a vote on a comprehensive bill.
“An executive order is one of a number of measures we’re considering as we look to implement the President’s direction to do absolutely everything we can to better protect our nation against today’s cyberthreats,” said a National Security Council spokeswoman in an email statement. “We are not going to comment on ongoing internal deliberations.”
Read more articles by this author HERE.