President Barack Obama has signed a directive that sets policy for how the U.S. government handles threats in cyberspace, according to three current and former administration officials familiar with its contents.
The directive opens the door to a bigger role for the Defense Department, directing it to provide civilian agencies with technical help on cybersecurity challenges, according to a former senior intelligence official familiar with the directive.
The directive is separate from an executive order the Obama administration is considering to implement elements of stalled Senate legislation that would set voluntary cybersecurity standards for private-sector infrastructure such as power grids and chemical plants considered essential to national security.
The classified directive, which sets policy for how the government performs cybersecurity operations, updates a document issued in 2004, said a senior administration official who wasn’t authorized to discuss the specifics.
It coincides with administration warnings about potentially damaging cyber attacks. Defense Secretary Leon Panetta said in a speech last month that the Pentagon and American intelligence agencies are seeing an increase in cyber threats that could become as devastating as the Sept. 11 terrorist attacks if they aren’t stopped.
Panetta said the Pentagon is “finalizing the most comprehensive change to our rules of engagement in cyberspace in seven years.” The Pentagon must be prepared to defend its own networks as well as national interests as a whole, he said.
Senate Republicans in August blocked a Obama-backed cybersecurity bill sponsored by Joe Lieberman, a Connecticut independent, and Susan Collins, a Maine Republican. Republicans and the U.S. Chamber of Commerce said the legislation’s standards would be a back door to more government regulation of business and fail to keep pace with evolving cyber threats.
Senate Majority Leader Harry Reid, a Nevada Democrat, said he wants to bring the bill back to the Senate today for a vote.