Obama's CIA nominee an advocate for federal cybersec regulations
Since White House cybersecurity coordinator Howard Schmidt left, Brennan has been strong voice on the issue
Computerworld - John Brennan, who was nominated by President Barack Obama today to be the director of the Central Intelligence Agency, has been a vocal advocate for federal cybersecurity legislation in recent months.
As the Deputy National Security Advisor for Homeland Security and Counterterrorism, Brennan has been Obama's chief counterterrorism advisor for four years. In that role, he has frequently called for strong federal legislation to protect government assets and critical infrastructure against cyberattacks.
Last August, Brennan was among four White House officials who called on the U.S. Senate to quickly pass the Cybersecurity Act of 2012, a largely Democrat-backed bill that sought to give the federal government new authority for sharing cyber threat information with the private sector. At the time, the bill was stalled in the Senate; Brennan said passage was "imperative" from a national security standpoint.
Last March, Brennan was part of a team that included the FBI, the National Security Agency and the Department of Justice that conducted a simulated cyberattack on New York City to demonstrate the vulnerability of the city's power grid. The mock attack was part of an effort by the administration to win support for the Cybersecurity Act, a bill that was introduced by Sen. Joseph Lieberman (I-Conn.) but opposed by the Republicans as too prescriptive.
Following the last Congress' failure to pass the bill, the White House said it would consider a cybersecurity executive order that would require government agencies and critical infrastructure owners to implement specific controls for fending off cyberattacks. Brennan is believed to have been heavily involved in writing up a draft version of the order and pushing for it to be issued.
In comments to the Council of Foreign Relations in August, Brennan made it clear that he felt the White House needed to issue guidelines under executive branch authority for securing American interests in cyberspace.
"I would note that executive branch actions under existing authority cannot alter the reality that the United States Government will continue to be hamstrung by outdated and inadequate statutory authorities that the legislation would have addressed," Brennan wrote in a letter to Sen. John (Jay) Rockefeller (D-WVa). "Comprehensive legislation remains essential to improve the cybersecurity of the nation's core critical infrastructure."
John Pescatore, an analyst with Gartner, today said that much of the Brennan's involvement in cybersecurity affairs began only after the departure of White House cybersecurity coordinator Howard Schmidt last May. "He took over the bully pulpit when Schmidt left," Pescatore said. "His real focus [had] been on counterterrorism."
If the nomination is confirmed by the Senate, Brennan will succeed David Petraeus, who quit last year following publicity about an extramarital affair.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Cyberwarfare in Computerworld's Cyberwarfare Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts