President Obama could use tonight's State of the Union address to continue a push for new cybersecurity legislation, even as he's widely expected to issue an executive order Wednesday to impose rules aimed at protecting critical infrastructure targets, security experts say.
The long-expected executive order stems from what the White House has long said is the need for immediate action to protect critical assets against cyber threats because of Congress' continued failure to pass legislation.
The order would create a voluntary program calling for federal agencies and owners of critical infrastructure to adopt a set of minimum security standards and information sharing practices between government and the private sector.
Details of the executive order are expected to be disclosed tomorrow at a press conference hosted by the U.S. Department of Commerce.
The event, touted as announcing an update to the Obama Administration's Priorities for Cybersecurity Policy, will include remarks from several high-ranking officials, such as Rebecca Blank, deputy secretary of the U.S. Department of Commerce, Michael Daniel, special assistant to the President and White House cybersecurity coordinator, and General Keith Alexander, commander of the U.S. Cyber Command.
The timing of the event suggests that Obama will talk about cybersecurity matters in the State of the Union address, said John Pescatore, director of emerging security trends at the SANS Institute in Bethesda, Md.
With a widely reported hack of Federal Reserve systems and recent intrusions into several major U.S. newspapers, cybersecurity "seems like it is worth a timely presidential mention," Pescatore said. "He might say 'here' s what my administration is doing, I urge Congress to act.'"
It wouldn't be the first time Obama has urged action on cybersecurity.
Since the beginning of his first term, Obama, John Brennan, recently nominated by the president to be director of the CIA, and other administration officials have unsuccessfully called on Congress to pass cyber legislation.
Last week, James Langevin (D-RI), a member of the House Intellgence Committee and co founder of the bipartisan Congressional Cybersecurity Caucus, urged the president to use the State of the Union platform to demand immediate action from Congress .
In a letter to Obama, Langevin lamented the inadequacy of existing legislation to secure U.S assets in cyberspace and urged the president to use the address to "galvanize" Congress on the need to establish cybersecurity rules.
"While I trust that you will use every existing avenue of executive power to improve our capabilities in this realm, our current laws simply do not reflect the amazing technological advances (and the accompanying challenges) that have been made since their enactment," Langevin wrote.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.