One year after President Obama signed an executive order focusing on improving cyber security, an evaluation shows little progress has been made. Recent events at places like Target demonstrate that if the government cannot even promote a better system for retail stores, that little progress has likely been made on protecting nuclear plants and major banks from their susceptibility to cyber attacks.
Nearly a year after President Barack Obama issued an executive order to improve the cybersecurity of the nation’s vital assets, the administration doesn’t have much to show: The government is about to produce only some basic standards, with little incentive for the private sector to participate.
The program’s early weaknesses are a sign that — even as high-profile breaches at Target and other retailers compromise the data of millions of consumers — the White House and Congress have made minimal progress on the potentially more serious issue of protecting power plants, oil pipelines and major banks from a crippling cyberattack.
The administration’s blueprint for such “critical infrastructure,” due this month, is shaping up to be a simple checklist, mirroring well-established industry norms. The standards are entirely voluntary and, so far at least, the White House and Congress haven’t come up with much-needed perks — like tax breaks or federal contracting advantages — that could spur companies to take part.