Obama's CIA nominee an advocate for federal cybersec regulations
Since White House cybersecurity coordinator Howard Schmidt left, Brennan has been strong voice on the issue
Computerworld - John Brennan, who was nominated by President Barack Obama today to be the director of the Central Intelligence Agency, has been a vocal advocate for federal cybersecurity legislation in recent months.
As the Deputy National Security Advisor for Homeland Security and Counterterrorism, Brennan has been Obama's chief counterterrorism advisor for four years. In that role, he has frequently called for strong federal legislation to protect government assets and critical infrastructure against cyberattacks.
Last August, Brennan was among four White House officials who called on the U.S. Senate to quickly pass the Cybersecurity Act of 2012, a largely Democrat-backed bill that sought to give the federal government new authority for sharing cyber threat information with the private sector. At the time, the bill was stalled in the Senate; Brennan said passage was "imperative" from a national security standpoint.
Last March, Brennan was part of a team that included the FBI, the National Security Agency and the Department of Justice that conducted a simulated cyberattack on New York City to demonstrate the vulnerability of the city's power grid. The mock attack was part of an effort by the administration to win support for the Cybersecurity Act, a bill that was introduced by Sen. Joseph Lieberman (I-Conn.) but opposed by the Republicans as too prescriptive.
Following the last Congress' failure to pass the bill, the White House said it would consider a cybersecurity executive order that would require government agencies and critical infrastructure owners to implement specific controls for fending off cyberattacks. Brennan is believed to have been heavily involved in writing up a draft version of the order and pushing for it to be issued.
In comments to the Council of Foreign Relations in August, Brennan made it clear that he felt the White House needed to issue guidelines under executive branch authority for securing American interests in cyberspace.
"I would note that executive branch actions under existing authority cannot alter the reality that the United States Government will continue to be hamstrung by outdated and inadequate statutory authorities that the legislation would have addressed," Brennan wrote in a letter to Sen. John (Jay) Rockefeller (D-WVa). "Comprehensive legislation remains essential to improve the cybersecurity of the nation's core critical infrastructure."
John Pescatore, an analyst with Gartner, today said that much of the Brennan's involvement in cybersecurity affairs began only after the departure of White House cybersecurity coordinator Howard Schmidt last May. "He took over the bully pulpit when Schmidt left," Pescatore said. "His real focus [had] been on counterterrorism."
If the nomination is confirmed by the Senate, Brennan will succeed David Petraeus, who quit last year following publicity about an extramarital affair.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Cyberwarfare in Computerworld's Cyberwarfare Topic Center.
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence...
- Pragmatic Endpoint Management: Empowering an SMB Workforce in the Age of Mobility Lacking the time for proper training and education, SMB administrators often resort to taking shortcuts to keep their environment running.This paper discusses the...
- Gartner Magic Quadrant for Application Security The market for application security testing is changing rapidly. Technology trends, such as mobile applications, advanced Web applications and dynamic languages, are forcing...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Cyberwarfare White Papers | Webcasts