Cybersecurity review is putting emphasis on privacy

As the National Security Council works on its comprehensive review of federal cybersecurity programs for President Obama, it is going to great lengths to consider privacy and civil liberty issues, some Congress members said Thursday.

The House Cybersecurity Caucus on Thursday met with Melissa Hathaway, the acting senior director for cyberspace for the National Security and Homeland Security Councils, who is conducting for the administration a 60-day cybersecurity review.

Rep. James Langevin (D-R.I.), co-chair of the House Cybersecurity Caucus, said Hathaway has been meeting with privacy and civil liberties groups to receive their input on how to reform cybersecurity.

Those issues are "a forethought rather than an afterthought," he said. "Because these are such powerful tools (to grant federal authorities to regulate cyberspace), we're going to have to have the buy-in of the public and have their support."

While the Senate is working on its own plan for White House-run cybersecurity efforts, Langevin said Hathaway's assessment may ultimately suggest a strategy with a stronger emphasis on inter-agency efforts.

Langevin said it is still unclear whether Hathaway will recommend that a new office for cybersecurity should be created within the Executive Office of the President--a move some senators are pushing for. Certainly, though, policy will have to come from the White House.

"This is going to have to be an ongoing strategy of collaboration and cooperation directed out of the White House," Langevin said. "But there won't be one king, so to speak, at the end of the day. The chief information officers at the departments and agencies are still going to have a role to play."

He said a White House-coordinated cybersecurity strategy may resemble the federal government's current counter-proliferation efforts. He also said Hathaway may recommend increasing staffing at the Office of Management and Budget in order to increase its oversight role of cybersecurity efforts.

Hathaway will also address at the end of her review what the federal government can expect from the private sector, which controls the majority of network infrastructure. The final review may recommend a combination of regulations and incentives to create a stronger public-private partnership, caucus members said.

Langevin said the House Cybersecurity Caucus is working hard to coordinate bipartisan support for a cybersecurity strategy.

"I believe that a cyber 9-11 is a very realistic possibility, and it's something that keeps me up at night," he said. "We're working hard to keep that from happening."