As comprehensive cyber security legislation languishes in Congress, President Obama may be close to acting on an executive order.
Set to deliver his State of the Union address on Tuesday, the president is expected to follow up soon after with an executive order on cyber security that is several months in the making. It is expected to establish a program that will ask critical infrastructure operators to meet certain voluntary standards around network protection. The order first was contemplated after security legislation failed last year in the Senate.
According to a Friday Bloomberg story, which cited two former White House officials brief on the plans, the order will recommend that federal agencies apply the standards to existing regulations. In addition, the order will request that the government share additional threat information with the private sector.
A common complaint among security professionals in the private sector is that information sharing often amounts to a one-way street, with corporations often providing intelligence to three-letter agencies, but never receiving much data in return.
It's unclear whether Obama will detail any cyber security plans during Tuesday's address. But the topic certainly is a timely one for him. Two Sundays ago, The New York Times reported that, following a legal review, Obama now has the power to pre-emptively order cyber strikes based on evidence that the country is facing an impending digital attack.