West Coast – January 2012 Policy Update
West Coast – January 2012 Policy UpdateTable Of Contents TOC \o "1-3" \h \z \u West Coast – January 2012 Policy Update PAGEREF _Toc314051888 \h 1Table Of Contents PAGEREF _Toc314051889 \h 2Cybersecurity DA PAGEREF _Toc314051890 \h 31NC Cyber Security DA 1/2 PAGEREF _Toc314051891 \h 41NC Cyber Security DA 2/2 PAGEREF _Toc314051892 \h 5Cybersecurity Will Pass – General PAGEREF _Toc314051893 \h 6Cybersecurity Will Pass – Momentum PAGEREF _Toc314051894 \h 7Cybersecurity Will Pass – Experts PAGEREF _Toc314051895 \h 8Cybersecurity Will Pass – Bipartisan PAGEREF _Toc314051896 \h 9AT: Piecemeal Approach Dooms Cybersecurity PAGEREF _Toc314051897 \h 10Cybersecurity Is Top Of The Docket PAGEREF _Toc314051898 \h 11Obama Is Pushing Cybersecurity PAGEREF _Toc314051899 \h 12AT: No Cybersecurity Legislation Exists PAGEREF _Toc314051900 \h 13AT: Gridlock Means Nothing Can Pass PAGEREF _Toc314051901 \h 14AT: Recess Appointments Hurt Capital PAGEREF _Toc314051902 \h 15AT: XOs Hurt Capital PAGEREF _Toc314051903 \h 16AT: Keystone XL Hurts Capital PAGEREF _Toc314051904 \h 17AT: Debt Ceiling Hurts Capital PAGEREF _Toc314051905 \h 18Political Capital Key To Cybersecurity PAGEREF _Toc314051906 \h 19Cybersecurity Bill Solves PAGEREF _Toc314051907 \h 20Cybersecurity Bill Would Stop Cyberterrorism PAGEREF _Toc314051908 \h 21Cyber Attacks Bad – Impact Calc PAGEREF _Toc314051909 \h 22Cyber Attacks Bad – Econ PAGEREF _Toc314051910 \h 23Cyber Attacks Bad – Grid PAGEREF _Toc314051911 \h 24Cyber Attacks Bad – Deterrence PAGEREF _Toc314051912 \h 25Cyber Attacks Bad – Nuclear Launch PAGEREF _Toc314051913 \h 26Cyber Attacks Bad – Space War PAGEREF _Toc314051914 \h 27Cyber Terror Is Likely PAGEREF _Toc314051915 \h 28Cybersecurity DA Answers PAGEREF _Toc314051916 \h 29Obama Has No Political Capital PAGEREF _Toc314051917 \h 30Payroll Tax Cut Drains Capital PAGEREF _Toc314051918 \h 31Payroll Tax Cut = Top Of Docket PAGEREF _Toc314051919 \h 32Obama Won’t Spend Capital On Cybersecurity PAGEREF _Toc314051920 \h 33Payroll Tax Cut Will Not Be A Win PAGEREF _Toc314051921 \h 34Appointments Will Drain Political Capital PAGEREF _Toc314051922 \h 35Cyberterrorism Won’t Happen PAGEREF _Toc314051923 \h 36Cyberterrorism Would Not Have An Impact PAGEREF _Toc314051924 \h 37AT: Al Qaeda Can Do Cyberattack PAGEREF _Toc314051925 \h 38Cybersecurity Legislation Fails PAGEREF _Toc314051926 \h 39Cybersecurity DA1NC Cyber Security DA 1/2Cyber security bill will pass in the status quoJudy Greenwald, staff writer, 1-1-2012, “Data breach notification could benefit from federal action,” Business Insurance, is growing consensus that federal legislation is needed to address the 47 different state approaches to data breach notification, but passage of a comprehensive federal bill is less than certain, experts say. Many say a polarized Congress may find itself unable to take decisive action, particularly given that this is an election year. As a result, many observers are, at best, cautiously optimistic. According to one estimate, 30 to 40 pieces of cyber risk legislation already have been proposed in Congress. Observers say a uniform federal law governing notification of data beaches would be welcome, but it should pre-empt related state laws if it is going to be successful. For instance, the Senate Judiciary Committee last year approved three Democrat-backed data breach bills. On the related issue of security, a House Republican task force last year said Congress should give companies incentives to boost their cyber defenses, but also said that tough regulation may be warranted for potentially critical facilities such as power and water plants. However, “In an election year, a lot of things don't get done with a stalemated Congress,” said John F. Mullen, an attorney with Nelson Levine de Luca & Horst L.L.C. in Blue Bell, Pa. “I just question” whether there will be movement “unless it's to someone's benefit that it does happen.” Shawn Edward Tuma, a partner with BrittonTuma P.L.L.C. in Plano, Texas, said, “I believe that before the end of 2012, there's a pretty good chance we will be getting legislation that helps,” although “I don't know if it'll go all the way toward what a lot of people are seeking.” “It's a difficult climate to pass legislation, but if one thing can make it through, it will be a cyber security bill.” said Jacob Alcott, a principal at Alexandria, Va.-based Good Harbor Consulting and former counsel to the Senate Committee on Commerce, Science, and Transportation. The Plan costs Obama political capital< Insert >Obama’s Political Capital is key to the billEric Chabrow, executive editor, 2-11-2010, “What Next? Cybersecurity Legislation in the Senate,” Bank Info Security, final decision on the legislation likely will occur during hard-nosed negotiations held behind closed doors in once smoke-filled rooms. The negotiators will include the key cybersecurity bills' sponsors, aided by their staffs. The Obama administration's new cybersecurity coordinator, Howard Schmidt, spent part of his first week on the job last month meeting with some of these players, and likely told them what the White House would like to see in a cybersecurity law. "I imagine Howard would be personally involved representing the administration's priorities in this area to the Senate," former federal CIO Karen Evans said. But, as seen in the healthcare legislation, it's what the members of Congress want in a bill, and not necessarily the provisions the president seeks, that gets in the final version. Still, as Carper said last year, in shaping legislation, Congress would want to produce a bill the president will sign. "Sometimes we focus a whole lot on just getting something through the Senate without thinking about the executive branch or thinking about the House, and it has got to be that we think of those two as well, the administration and our House colleagues," Carper said in an interview with . Horse Trading Though there's general agreement among lawmakers for the need for new laws to help secure the government IT systems and the nation's critical IT infrastructure, elements to any comprehensive cybersecurity measure will be a challenge to piece together. "I am sure there is a lot of horse trading around various items in the bills," a former Department of Homeland Security senior IT leader said. The puzzle piece that's received the most attention this past year is how high up in the White House hierarchy should the president's IT security adviser be positioned? Schmidt does not report directly to the president, though President Obama has promised to meet with him from time to time. Schmidt reports through the national security adviser. Some lawmakers feel the current situation is fine; others, like Rockefeller and Snowe, seek to establish an Office of Cybersecurity with its Senate-confirmed chief - the current post requires no Senate approval - reporting directly to the president. Another thorny issue is how much authority should be given to the Department of Homeland Security in overseeing other civilian agencies' cybersecurity budgets. One version of Carper's bill does just that, though it's unclear whether that provision remains. The role the National Security Agency plays in monitoring Internet traffic to and from government sites is another issue where agreement isn't guaranteed. A potentially most divisive issue could be how much regulation the government should impose on businesses controlling the nation's critical IT infrastructure - about 85 percent of such IT systems are controlled by the private sector - a subject that could cripple a comprehensive cybersecurity bill. "If the bill starts to get heavily laden with new regulatory requirements or pull-the-plug language" - a reference to a provision in the Rockefeller-Snowe bill to authorize the president to shutter Internet traffic to and from federal systems in a cyber emergency - "then the legislation will get bogged down," said Greg Garcia, former DHS assistant secretary for cybersecurity and communications. Still, the major roadblock to enactment of a cybersecurity law this year is all the other stuff going on in the nation and the world. Creating jobs, reforming healthcare insurance, fighting two wars and battling global climate take up a lot of bandwidth of the Senate, House and the president.1NC Cyber Security DA 2/2Cyber defenses are weakening – legislation protecting critical infrastructure keyFahmida Rashid, staff writer, 10-30-2011, “Cyber-Attackers Already Targeting Critical Infrastructure: DHS,” eWeek, are already targeting the country's financial services, transportation and other critical infrastructure and have come close to crashing portions of them. Cyber-attacks have already come close several times to shutting down parts of the country's critical infrastructure, according to the U.S. Department of Homeland Security Secretary. The number of cyber-attacks on financial systems, transportation and other networks is growing, Secretary Janet Napolitano said at an Oct. 28 event on cyber-security in Washington, D.C. hosted by The Washington Post. When asked how many attacks may have occurred during the course of the 45 minute question-and-answer session at the event, Napolitano told the audience, "Thousands." Some cyber-assaults had come close to crashing key infrastructure. There have been attempts on Wall Street, transportation systems, and "things of those sorts," Napolitano said. The Wall Street attack may be a reference to an attack on the Nasdaq stock exchange a year ago. "I think we all have to be concerned about a network intrusion that shuts down part of the nation's infrastructure in such a fashion that it results in a loss of life," Napolitano said, noting that it was still theoretical and there hasn't been any deaths yet as a result of these attacks. In fiscal year 2011, the United States Computer Emergency Readiness Team responded to more than 100,000 incident reports and released more than 5,000 actionable cyber-security alerts and information products, she said. Department of Homeland Security networks have been probed by adversaries attempting to breach systems. Napolitano declined to discuss the specifics of the intrusion. Congress needs to act to enact legislation to protect critical infrastructure, Napolitano said. One of the problems facing the United States in defending against cyber-attackers is the fact that current international law, rules of conflict and government policies have not really kept up with the changes in cyber-threats.Perception of weak US cyber defense undermines deterrence – causes nuclear warGeneral Eugene E. Habiger, USAF, commander in chief, United States Strategic Command, Offutt Air Force Base (Ret.), 2-1-2010, “CYBERWARFARE AND CYBERTERRORISM: THE NEED FOR A NEW U.S. STRATEGIC APPROACH”, potential that an enemy might use a cyberattack to soften physical defenses, increase the gravity of harms from kinetic attacks, or both, significantly increases the potential harms from a cyberattack. Consider the gravity of the threat and risk if an enemy, rightly or wrongly, believed that it could use a cyberattack to degrade our strategic weapons capabilities. Such an enemy might be convinced that it could win a war—conventional or even nuclear—against the United States. The effect of this would be to undermine our deterrence‐based defenses, making us significantly more at risk of a major war.Cybersecurity Will Pass – GeneralCybersecurity is top of the docket, good chance of passing and PC is keyJudy Greenwald, staff writer, 1-1-2012, “Data breach notification could benefit from federal action,” Business Insurance, Diamond, New York-based focus group leader for technology, media and business services for Beazley Group P.L.C., said the prospect that federal legislation will pass is very good. She said she believes there is strong bipartisan support for a federal cyber security law, and many versions of potential legislation are pending in Congress. “I think what's been missing is somebody really showing some leadership,” Ms. Diamond said. “What we've seen in the past last few weeks is that Senate Majority Leader Harry Reid, D-Nev., is looking to break that gridlock and get some movement.” When Congress returns this month from its recess, “I think you're going to see some real movement,” she said.Consensus ensures cybersecurity passage Jason Miller, staff writer, 10-28-2011, “White House grading agency cyber progress,” Federal News Radio, said lawmakers have a strong commitment to move forward and he remains optimistic. But Olcott said getting the comprehensive cyber bill through both houses of Congress depends on time — of which there is little — and Congress still has a lot to get done. "There is a lot of common ground when you think about information sharing and roles and responsibilities of certain federal agencies, and certainly reforming the Federal Information Security Management Act," he said. "The devil is always in the details. That is where members and staff have been spending their time trying to figure out how to write the legislation and reflect their priorities." The House and Senate are taking different paths to a final bill, Olcott said. The House formed a cyber task force and has been holding hearings and investigations. Congressman Mac Thornberry (R-Texas) issued the task force's cybersecurity legislative recommendations. Olcott said each House committee with jurisdiction over cyber likely will come up with their own legislation that will have to be worked through the committee process. The Senate, however, is further along. The upper chamber's lawmakers are closer to a comprehensive bill. "We ended the meeting with the theme that we have to move forward with a bill," Schmidt said of his meetings on the Hill. "There was a strong commitment to move forward." GOP support increases risk of passageJoseph Menn, staff writer, 10-12-2011, “Republicans back cybersecurity law push,” Financial Times, signalled support for major legislation aimed at bolstering US cybersecurity – giving such a law an improved chance of passage – with their first policy recommendations on the issue.Cybersecurity Will Pass – MomentumCybersecurity will pass – momentumJeffrey Roman, staff writer, 12-12-2011, “Cybersecurity Law: Overcoming the Details,” GovInfo Security, , who spent years on Capitol Hill as a top staffer on cybersecurity matters, says all the wheels are in motion in order to achieve substantial legislation. "Members and staff are absolutely committed to putting forward a bill," Olcott says in an interview with Information Security Media Group's Eric Chabrow (transcript below). But there are many questions to be answered, Olcott explains. "What's the role of the Department of Homeland Security in this? What's the role of first-party regulators? Where do existing regulations fall down and what should the government be asking the private sector to do?" Olcott asks. However, with all the delays in passing legislation, Olcott, who has worked for Senate Commerce Committee Chairman Jay Rockefeller, D-W.Va., and Rep. Jim Langevin, D-R.I., founder of the House Cybersecurity Caucus, has seen progress in efforts to create IT security policy. One such example is Rockefeller's efforts to get the Securities and Exchange Commission to issue guidance that explains how companies should report cyber incidents that could have an adverse affect on their finances or operations (See SEC issues Cyber-Incident Guidance). And legislation will come as well. "The debate has been very robust and there are a lot of members who are participating in it now," Olcott says. "I don't think it's a matter of if, but when." In the interview, which took place before the Senate Majority Leader Harry Reid announced that the chamber will debate cybersecurity legislation early next year (see Senate to Take Up Infosec Bill in Early 2012), Olcott also explains: Why Congress takes so long to enact comprehensive cybersecurity legislation. How different cultures in the House and Senate affect how lawmakers approach cybersecurity legislation. Why, despite challenges, Congress will enact comprehensive cybersecurity legislation.Cybersecurity will pass – bipartisan and momentumSue Marquette Poremba, staff writer, 12-19-2011, “Capitol Hill Sees a Flurry of Cybersecurity Bills to End 2011,” there has been plenty of news about what Congress has not done in the waning days of 2011, you can’t say that there hasn’t been a focus on cybersecurity. There has been a flurry of activity on Capitol Hill and within federal agencies to develop some sort of cybersecurity plan. Late last week, legislation was approved by the House Homeland Security Committee to set up an organization to oversee the exchange of cybersecurity information. The bill is named the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (PrECISE Act). In a political landscape where no one seems to agree, cybersecurity issues seem to gather non-partisan support. The PrECISE Act is Republican-led legislation. On the other end of Pennsylvania Avenue and the other side of the political aisle, Howard Schmidt, the White House cyber coordinator, introduced a new strategy for cybersecurity research and development. Right now, government agencies spend $1 billion a year on non-classified cyber R&D, but there was no real government coordination of those projects. In an interview with Federal News Radio, Schmidt said the purpose of the plan is to better coordinate efforts to neutralize cyber attacks while saving money. According to the Federal News Radio article, the strategy calls for an R&D focus around four specific areas. They are:Cybersecurity will pass this session – senators see it as urgentEric Engleman, staff writer, 11-1-2011, “Napolitano Presses U.S. Lawmakers to Act on Cybersecurity Bill,” Bloomberg, , Power Plants Homeland Security officials have pointed to the potentially catastrophic effect of such an attack on important facilities such as a chemical or power plant. The majority of such sites are owned or operated by the private sector. Senators from both parties last week stressed the need for “urgent legislative action” on cybersecurity at a briefing convened by the White House last week, Napolitano said. Napolitano expressed optimism that Congress would take action this session, and said disagreements have come down to the question of government mandates versus industry incentives to boost cybersecurity defenses.Cybersecurity Will Pass – ExpertsCybersecurity will pass – expertsDan Lohrmann, staff writer, 12-18-2011, “What is the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness (PrECISE) Act?” GovTech, interesting thing about this legislation is that it brings together the various political sides which all recognize that action is needed, but can’t seem to agree on much right now. Many experts now see cybersecurity legislation moving forward in a bipartisan fashion in early 2012.Experts agree – gets GOP on board and overcomes oppositionGautham Nagesh, staff writer, 10-30-2011, “House Dem: Senate cybersecurity bill could spur House to act,” The Hill, the apparent divide between the two chambers on the details of comprehensive cybersecurity legislation the passage of a Senate bill would put pressure on the House to act, according to Rep. Jim Langevin (D-R.I.). Few lawmakers have more experience on the issue than Langevin, the co-founder of the bipartisan Congressional Cybersecurity Caucus, and he expressed optimism to The Hill recently that some form of legislation to improve the security of private sector networks would pass Congress this year. "I think the Senate passing something would be a major gamechanger and a major step forward in seeing comprehensive cybersecurity legislation pass Congress this year," Langevin said. " Absent that, I think this thing kind of goes on in fits and starts." The White House and Senate appear to be in agreement on both the urgency and broad outline of cybersecurity legislation; at a classified meeting earlier this month Obama administration officials stressed the need to pass legislation to update federal standards this year. White House cybersecurity coordinator Howard Schmidt called the meeting "very encouraging" in a blog post published Friday emphasizing the urgent need for new federal cybersecurity regulations to cover private sectors deemed critical such as utilities, communications providers and financial institutions. "Unfortunately, time is not on our side. Since the White House delivered the Administration’s proposal to Congress, a number of new security breaches have been reported," Schmidt said. "We need Congressional leaders to move forward with a cross-committee and bipartisan approach." But House Republicans appear resistant to the regulatory approach favored by Democrats and the White House, which would embrace a broader definition of critical infrastructure and give the Department of Homeland Security more authority to force private firms to comply with federal cybersecurity standards. The GOP unveiled their own recommendations for comprehensive cybersecurity legislation recently that favor incentives and information-sharing over government mandates. They also restrict the new rules to nuclear power, water treatment faciliites and other high-regulated sectors. Langevin said his reaction to the Republican proposal was generally positive and suggested there is room for compromise between the two parties, particularly since there is bipartisan support for legislation that would allow firms to share more information on cyber threats without incurring legal liability.Cybersecurity Will Pass – BipartisanCybersecurity will pass – BipartisanshipHoward A. Schmidt, the Cybersecurity Coordinator and Special Assistant to the President, 10-28-2011, “The Time is Ripe for Cybersecurity Legislation,” The White House Blog, , time is not on our side. Since the White House delivered the Administration’s proposal to Congress, a number of new security breaches have been reported. We need Congressional leaders to move forward with a cross-committee and bipartisan approach. Some good news: just last week, we had a very encouraging meeting with a bipartisan group of Senators that ended with agreement to work together to enact cybersecurity legislation as soon as possible. The time is ripe to make proposal into law, and give the government and private sector the extra tools needed to fight those who would harm us.Broad consensus across parties and committeesAmber Corrin, staff writer, 10-11-2011, “Will congressional infighting stall cybersecurity laws?” Federal Computer Week, . Ben Cardin (D-Md.) expressed confidence that cybersecurity legislation will pass this year. But for Congress to actually address the issues in the form of lawmaking, it will require a move away from the infighting that has marred Capitol Hill operations of late. And time is running out as the year draws to a close. “There is broad consensus across political lines, across committee lines. There is a general agreement of key things that need to be done. We’re fighting over how to do it. If you look at politics today, we cannot agree on anything. You could have a resolution to praise baseball and motherhood and someone would object to it,” said Jeff Greene, senior counsel on the majority staff of the Senate Homeland Security and Governmental Affairs Committee. But Greene stressed that the cause isn’t doomed just yet. “There is consistent agreement among the people spending a lot of time looking at these [cybersecurity] issues on a, that something needs to be done and b, on the basic things we need to do. That gives me hope. What makes me nervous is that we’re running down the clock. The next 30 to 45 days will be key to whether we pass anything this year,” he said.Piecemeal approach and bipartisan consensusJohn K. Higgins, staff writer, 10-18-2011, “Cybersecurity Proposals Begin to Meld,” Technewsworld, for enacting an ambitious and comprehensive national cybersecurity protection program during this year's congressional session may be fading. That's the bad news. The good news is that various approaches to a cybersecurity agenda may be melding into a program that is acceptable to politicians of both parties and to e-commerce businesses as well. In addition, it now appears that the way to achieve legislative success is to enact smaller, more manageable components of a cybersecurity program rather than a major comprehensive bill. In a move to speed up the legislative process, House Speaker John Boehner. R-Ohio, charged a special task force to come up with a set of cybersecurity recommendations embracing the interests of nine different House committees that have jurisdiction in IT protection. The House Republican Cyber Security Task force unveiled its recommendations Oct. 5. "These recommendations provide sound, concrete steps to help strengthen our cybersecurity now, while also highlighting issues that need more work," said Rep. Mac Thornberry, R-Texas, who chaired the group. Breaking the Logjam A major thrust of the task force effort appeared to reflect legislative realities for avoiding procedural logjams. AT: Piecemeal Approach Dooms CybersecurityPiecemeal approach doesn’t doom passageJohn K. Higgins, staff writer, 10-18-2011, “Cybersecurity Proposals Begin to Meld,” Technewsworld, report focuses on four components of cyberprotection -- each of which could be addressed by an individual bill. "Legislative packaging and vehicles must, of course, be decided by the House leadership, but we are generally skeptical of large, 'comprehensive' bills on complex topics, at least as the bills are being written. Individual bills could, of course, be packaged together at some point later in the legislative process," the report notes. A few components could be addressed individually to move legislation along, suggested Thornberry. Separate proposals dealing with incentives for business, information sharing, and the updating of relevant laws "can lead to real progress rather than more gridlock like we have seen with larger proposals." Key lawmakers from different parties viewed the House report favorably. "The recommendations offered by the House Task Force are another sign that members in both chambers and on both sides of the aisle recognize that we must take steps to better protect America's critical data and infrastructure networks," said Sen. Tom Carper, D-Del. "While we might differ in some areas, we agree in others. We should come together and redouble our efforts to pass this much needed cybersecurity legislation as soon as possible," he added. "The House Task Force is right to identify cybersecurity as a major national security concern. While our approaches differ in a few respects, we share many areas of agreement on how to strengthen our defenses against cyberattacks," said Sen. Susan Collins, R-Me.Bills will get integratedJeffrey Roman, staff writer, 12-12-2011, “Cybersecurity Law: Overcoming the Details,” GovInfo Security, : Is there a philosophical approach to this? The House leadership in the Republican-controlled chamber there looks at more of a piecemeal approach and was taking one bill at a time, rather than a comprehensive approach. Is that a problem in the Senate, in the sense of getting legislation to the floor? OLCOTT: It's not. It's just a different way of dealing with the issue. Having worked in the House for four and a half years on the Homeland Security Committee, I can tell you it's more of a function of the way that House rules are set up versus Senate rules, and your listeners shouldn't necessarily read anything more into that. I think that, from my understanding of the way that the House is proceeding, they obviously have the Cyber Task Force, which is composed of a number of different members from a number of different committees. Those members, I believe, will be going back to their committees and working on their own cybersecurity bills. At some point, those bills will be brought to the floor by Speaker Boehner - whether a large package or as individual bills - and eventually they will meet up with the larger cybersecurity bill that Senator Reid is trying to put together over in the Senate.Consensus between the two housesFederal News radio, 10-19-2011, “House, Senate cyber plans have much in common,” House and Senate appear to be taking opposite cyber strategies. The House wants to separate cyber components into different bills while the Senate wants one comprehensive bill. However, the content of the proposals in both chambers have a lot in common, said James Lewis, director and senior fellow of the Technology and Public Policy Program at the Center for Strategic and International Studies, in an interview with In Depth with Francis Rose. "There's hope we can get something done in this Congress," Lewis said. With the realization that cyber could have huge economic consequences, now more than in the last few years, lawmakers are paying attention to cybersecurity, he said. Cybersecurity Is Top Of The DocketCybersecurity is top of the agendaJudy Greenwald, staff writer, 1-1-2012, “Data breach notification could benefit from federal action,” Business Insurance, a Nov. 17 letter to Senate Minority Leader Mitch McConnell, R-Ky., Sen. Reid said, “Given the magnitude of the threat and the gaps in the government's ability to respond, we cannot afford to delay action” on critical legislation related to cyber security. “For that reason, it is my intent to bring comprehensive cyber security legislation to the Senate floor for consideration during the first Senate work period” in 2012. “It is my firm hope that the working groups will be able to achieve an agreement on legislation by then, but I believe the cyber threat to be of such urgency that we must act whether or not such agreement can be reached.”Cybersecurity happens early in JanuaryChris Strohm, staff writer, 12-21-2011, “Cyber Attack on U.S. Chamber Pressures Congress to Speed Web Rule Rewrite,” Bloomberg, cyber attack on the U.S. Chamber of Commerce will intensify pressure on Congress to overhaul Web security regulations written before the existence of Facebook Inc., Twitter Inc. and Google Inc. (GOOG)’s Gmail. Concern that computer systems for banks, power companies and Internet providers are vulnerable rose after hackers with ties to China stole confidential e-mails and documents from the chamber, the biggest U.S. business lobbying organization. “Congress and the administration have been dithering over cybersecurity for years,” said Stewart Baker, a former assistant secretary for policy at the Homeland Security Department and a partner at the Steptoe & Johnson LLP law firm in Washington. “In that time, American companies have been robbed blind. This does underline, if any underlining is necessary, that we need a strong cybersecurity bill.” Senate Majority Leader Harry Reid plans to take up cybersecurity legislation as early as next month to rewrite rules set after the terrorist attacks of Sept. 11, 2001. A U.S. report released last month found that China was the biggest hacker threat to American firms, and those attacks breached the networks of at least 760 companies.Reid puts it at the topJason Miller, staff writer, 12-22-2011, “An IT, acquisition review/preview,” Federal News Radio, bill gets passed — Senate majority leader Harry Reid promised to take up a comprehensive cybersecurity bill in early 2012. This bodes well for Congress finally to update FISMA and address other issues such as the security of critical infrastructure. But there are plenty of sticking points including the sharing of sensitive cyber data with industry.Obama Is Pushing CybersecurityClassified meetings prove – Obama pushing hard and bipartisan consensus over the bills urgencyGautham Nagesh, staff writer, 10-20-2011, “Obama officials press for cybersecurity bill in classified briefing,” The Hill, administration officials held a classified briefing with senators Wednesday to press for passage of comprehensive cybersecurity legislation this year, The Hill has learned. Several senators on Thursday acknowledged to The Hill that they had taken part in the classified briefing. The session was requested by the Obama administration and included representatives from the White House, Federal Bureau of Investigation, the Department of Homeland Security, National Security Agency and Pentagon, as well as the bipartisan leadership of the committees with jurisdiction over cybersecurity. All parties in the meeting agreed that there is an urgent need to address the rapidly growing threat to America's computer networks, sources said. Three senators interviewed by The Hill said there was widespread agreement during the briefing on the urgent need to pass a bill that would clarify how much authority the government has to require private sector firms deemed critical infrastructure — such as utilities and financial institutions — to improve their network protections. But the lack of cooperation between the relevant agencies and committees has stalled the process since the Obama administration unveiled recommendations for cybersecurity legislation in May. "There's a feeling it needs to be done very, very soon," said Sen. Chuck Grassley (R-Iowa), ranking member of the Judiciary Committee.Obama is pushing cyber bill – comes up quicklyLaura MacInnis, staff writer, 10-20-2011, “UPDATE 1-Obama officials, senators agree to seek cyber deal,” Reuters, , Oct 20 (Reuters) - Senior Obama administration officials and a bipartisan group of U.S. senators agreed on Wednesday to push for cybersecurity legislation as quickly as possible, the White House said on Thursday. White House spokeswoman Caitlin Hayden said the officials went to Capitol Hill "to discuss the growing cybersecurity threats to our nation and the need for prompt legislative action to ensure the U.S. government has the authorities it needs to keep the nation safe."Bipartisan consensus on bringing it up quickly and Obama pushesLaura MacInnis, staff writer, 10-21-2011, “Officials Say Bipartisan Deal on Cybersecurity Possible,” Insurance Journal, Obama administration officials and a bipartisan group of U.S. senators agreed on Wednesday to push for cybersecurity legislation as quickly as possible, the White House said Thursday. White House spokeswoman Caitlin Hayden said the officials went to Capitol Hill “to discuss the growing cybersecurity threats to our nation and the need for prompt legislative action to ensure the U.S. government has the authorities it needs to keep the nation safe.” U.S. lawmakers have been at odds about the best way to protect critical facilities like power and water utilities from cyber intrusions that have frozen websites and resulted in breaches and data theft from companies including Google, Lockheed Martin and Citigroup. Senate Democratic Leader Harry Reid’s office is working to draft a comprehensive bill aimed at protecting company and government networks along the lines of a cyber strategy the White House published in May. That would include new rules to force companies to notify consumers when breaches put personal data at risk and authorize the Department of Homeland Security to ensure minimum standards are met in monitoring for possible attacks. But a Republican task force in the House of Representatives said earlier this month that Congress should give companies incentives to boost cyber defenses and not rush to impose new regulations except in sensitive sectors like nuclear power, electricity and water treatment plants. In the Wednesday briefing, White House and U.S. agency officials told 12 senators including Reid, Republican Kay Bailey Hutchinson and Independent Joe Lieberman that a comprehensive approach would balance the burden of defending computing networks between the government and private sector. “From our point of view it was an extremely useful and constructive discussion, ending with agreement that all involved need to work together to pass a cybersecurity bill as quickly as possible,” Hayden said. “The administration looks forward to continuing work with Congress to urge all involved to quickly enact these ideas into law in a bipartisan manner.”AT: No Cybersecurity Legislation ExistsCybersecurity bills exist and are coming up – bipartisan support and urgencyJoseph Menn, staff writer, 10-12-2011, “Republicans back cybersecurity law push,” Financial Times, issues of cyberwarfare and cybersecurity have drawn increased attention in Washington and other national capitals, fuelled by fears that the Stuxnet computer worm that damaged the Iranian nuclear programme could spawn similar attacks against the west. Congressional hearings have highlighted concerns that the US has no ready answer for persistent reports of internet-enabled espionage at military contractors and technology companies. So far no laws have been passed, even when Democrats controlled both houses of Congress. With the most comprehensive statement to date from Republicans, both parties are now on record that they would like the government to endorse standards for the safety of critical infrastructure, without issuing detailed, checklist instructions. The Republicans favour a broader range of incentives for businesses to meet those standards, including protection against lawsuits. Senate Democrats, who have passed two cybersecurity bills out of committee, cheered the overlap in ideas, as did some industry lobbyists and academics. “The thrust is in the right direction. A lot of it echoes what the private sector has been proposing for the past few years,” said Marcus Sachs, Verizon vice-president for national security policy. Obama is pushing a legislative approachJohn K. Higgins, staff writer, 10-18-2011, “Cybersecurity Proposals Begin to Meld,” Technewsworld, "The administration is working on many fronts to protect Americans and improve our nation's cybersecurity. Legislation is an important component of these efforts," he added. NIST, a unit of the Department of Commerce, is developing many of the criteria to facilitate improved Internet protection. "The administration urges Congress to enact legislation as quickly as possible to ensure the security of the networks upon which the economic and national security of our nation rests. There is an imperative for legislative action in this Congress. We need to modernize the law to ensure that our country's infrastructure remains protected against cyberthreats," Schwartz said.Even if it’s still proposed, Obama will make it a priorityLive Insurance News, 5-15-2011, “Congress wants to take a bite out of cyber crime,” these attacks and increasing attacks to transportation and financial networks, as well as to our electricity grid; President Obama has made the cybersecurity issue an administrative priority. The proposed legislation main points are to protect the American people, our nation’s critical infrastructure and federal government computers and networks. The Administration’s proposal also guarantees protection of individual’s civil liberties and privacy. Federal agencies (and their contractors) will be required to follow privacy procedures as well as, civil liberty procedures. There will be limits on monitoring activities and collecting, using, sharing and holding of information. Consumer protection is high on the list also; accounting for the addition of a national reporting of data breaches and developing federal penalties for cybercriminals. White House officials say the proposed plan is an essential balance between safeguarding privacy, strengthening security and promoting the continuation of economic development. This coming just in time for a big surge in what is now coined as, mobile commerce. With new technology coming to the U.S. that will allow consumers do virtual anything on their phone, security is a hot issue. Industry reporter, Lisa Green from , states that we will see Near Field Communication technology in our phones has early as the end of this year. These NFC phones will allow consumers to pay for store items all from their phone, a virtual wallet of sorts. With new ways to steal ones identity, the hopes are that Congress can get the (proposed) legislation enacted before the end of this year.AT: Gridlock Means Nothing Can PassCurrent gridlock doesn’t derailJoseph Menn, staff writer, 10-12-2011, “Republicans back cybersecurity law push,” Financial Times, Mr Thornberry said that partisanship need not derail the process. “There is a fair amount of agreement by the White House, by the (Democratic-led) Senate in their continuing efforts and by the task force,” he told the Financial Times. “If we are going to be gridlocked over money and other things over the next year, maybe we have a chance to do something that is not gridlocked”.Overcomes general gridlock argumentsCheryl Kaften, consultant, 10-19-2011, “Guarding the Grid: U.S. Utilities Scale Up Their Cyber Security Spending,” , even in an increasingly divisive political arena, the critical imperative of cyber security has received relatively little pushback. Homeland Security and Governmental Affairs Committee Chairman Joe Lieberman, (ID-Conn.), said in early October, “As cyber crimes and attacks take an increasing toll on our privacy, economy, and national security, there is simply no reason we can’t pass bipartisan legislation this year to address this urgent and growing threat.”Overcomes current gridlockJason Ryan, staff writer, 10-27-2011, “Loss of Life in Major Computer Attack, Warns Homeland Security,” ABC News, discussed a wide range of computer security issues at the event and urged Congress to push forward with cybersecurity legislation that the White House proposed had in May. Despite the partisan rancor that often comes from Congress, Napolitano said she hoped the legislation could gain strong bipartisan support.AT: Recess Appointments Hurt CapitalAppointments will help Obama politicallyDan Rivoli, staff writer, 1-4-2012, “Obama's Consumer Watchdog Appointment Could Pay Political Dividends,” International Business Times, articles/276628/20120105/obama-s-consumer-watchdog-appointment-pay-political.htmThe White House has characterized the appointment as a way to circumvent an unyielding Republican blockade preventing anyone to helm the Consumer Financial Protection Bureau. But Obama's decision to make the appointment on Wednesday during the pro forma session was--intentionally or not--a political move that could serve him well in his re-election campaign. As the president's Republican critics bellow about constitutional minutiae concerning recess appointments, Obama will surely hammer the GOP for opposing a consumer financial agency after the worst financial crisis since the Great Depression. "The only reason Republicans in the Senate have blocked Richard," Obama said in a Wednesday speech on the appointment, "is because they don't agree with the law that set up a consumer watchdog in the first place. They want to weaken the law. They want to water it down." In the speech, he promised to use his authority to act unilaterally in America's best interest if Congress is unwilling to compromise with him. The appointment fits right into his campaign strategy of running against obstinant lawmakers, as Harry Truman did in 1948, railing against a "do-nothing, good-for-nothing" Congress. Had Obama made his recess appointment in a less controversial manner--there was a brief window of opportunity Tuesday between the first and second sessions of the 112th Congress--Republicans would be harrumphing about the president's unwillingness to compromise on an agency they see as too powerful and too unaccountable. So, what are his GOP critics saying instead? Senate Minority Leader Mitch McConnell, R-Ky., said Cordray is facing "uncertain legal territory;" House Speaker John Boehner, R-Ohio, predicted the courts would find Obama's "extraordinary and entirely unprecedented power grab .. illegitimate." That is not the message Senate Republicans have previously used to disparage the CFPB, which they have called a jobs-destroyer-in-waiting. The louder they oppose the appointment for disrespecting the confirmation process, the longer the issue gets dragged out in the press through legal actions and constitutional challenges, the more grist Obama has in the campaign season to paint Republicans in Congress as too beholden to corporate interests. Appointments are key to momentum and popularityAlister Bull, staff writer, 1-6-2011, “Obama, staying on attack, highlights consumer watchdog,” Reuters, the offensive in the first week of the presidential and congressional election year, Obama has sought to use the financial watchdog agency he created to underpin his campaign platform as a champion of the middle class running against a gridlocked Congress. Obama's approval ratings have improved since he successfully pushed Republicans in the House of Representatives in December to accept a two-month extension of the payroll tax cut for 160 million Americans. The White House wants to maintain that momentum, and Obama on Friday said Congress "should extend the middle class tax cut for all of this year to make sure we keep this (economic) recovery going." Standing beside Richard Cordray, whom he appointed on Wednesday as director of the Consumer Financial Protection Bureau despite Senate Republicans' objections, Obama said the watchdog agency will shield ordinary Americans from being tricked by the financial industry. "Every one of you here has a critical role to play in making sure that everybody plays by the same rules, to make sure that the big banks on Wall Street play by the same rules as community banks on Main Street," he said. Republicans opposed Cordray and warned that the agency could hurt the U.S. economy by burdening the financial industry with red tape that would reduce hiring. With Senate Republicans blocking the nomination, Obama moved to install Cordray while Congress was on its holiday break. White House strategists hope the creation of the bureau will persuade voters that Obama is standing up for ordinary Americans, while Republicans side with big banks and the wealthy few. "That's your mission, to make sure that the American people have somebody in their corner, that American consumers have somebody who's got their back," Obama said. That populist message also taps into public anger toward big banks bailed out by U.S. taxpayers in 2008.Appointments hurts the GOP moreBrain Beutler, staff writer, 1-4-2011, “Why Obama Chose To Appoint Cordray The Hard Way,” TPM, are predictably attacking President Obama’s decision to recess appoint Richard Cordray — his top consumer watchdog — on procedural grounds and with constitutional volleys. This is why Obama and Cordray’s allies thought it might be wiser for Obama to make the appointment on Tuesday when, for technical reasons, he could have relied on precedent and avoided opening this particular Pandora’s box. But by taking a more daring approach, Obama managed to both wrongfoot the GOP politically, and secure for Cordray up to an extra year in the director’s chair at the Consumer Financial Protection Bureau.AT: XOs Hurt CapitalXOs prove hes energizedGadsden Times, 10-26-2011, “President still has clout,” , Obama this week proved that an occupant of the Oval Office still has plenty of clout, just by signing his name. Weary of battling with Republicans in Congress, he issued executive orders, not subject to congressional review, to make significant moves on two key issues, one of which has become a significant part of the Occupy Wall Street protests that are continuing in New York and have spread across the U.S. Monday, Obama revised federal rules to allow mortgage holders with federally guaranteed loans who aren’t behind on their accounts to refinance their mortgages, no matter how far underwater they are when it comes to their homes’ value. Tuesday, he tackled student loan debt, which is set to exceed $1 trillion for the first time this year. The effective date of a congressional measure lowering the maximum repayment on student loans from 15 percent to 10 percent of discretionary income will be 2012, instead of 2014, and any remaining debt now will be forgiven after 20 years, not 25. Also, those with both direct federal and Family Education Loan Program loans will be able to consolidate them, and get as much as a half-point break on interest. Both moves are likely to help homeowners and those buried under student debt — although our question, as with any kind of stimulus package, is that once you try it, what’s left in the arsenal in case more action is needed? Bypassing Congress could be a risky move and give Obama’s Republican opponents political ammunition. It also could pay off for a president who’s been losing some of the independents who helped him get elected, and suddenly appears more energized.Boosts PC – expands his imageLesley Clark, staff writer, 10-31-2011, “Faced with re-election, little action in Congress, Obama acts alone,” Miami Herald, say that without Congress, which has the primary power over taxes and spending, there's little Obama can do unilaterally to move the needle on job creation. But he can work on his image. "It's small stuff in reality, but by perception it can pay off," said William Galston, a former policy adviser to President Bill Clinton who's a senior fellow at the Brookings Institution, a center-left policy research center. "He looking to present himself as if he's on the little guys' side, fighting for them. He cares about jobs; the others guys don't. That's the message they're trying to reinforce through a series of steps." Political observers have suggested that Obama is taking a page from Clinton, whose penchant for signing executive orders led an adviser to boast: "Stroke of the pen, law of the land. Kinda cool."Nothing to loseDevin Dwyer, staff writer, 10-31-2011, “Obama Executive Actions May Have Limited Impact,” ABC News, As for why Obama took so long to use his executive powers if he’s had them all along, Axelrod said the problems are “complicated.” ”There’s no silver bullet for them, so you have to keep chipping away at this problem and that is what he’s doing.” Mann says the strategy is part instructional, part substantive and part political, all without much to lose. ”His Republican critics have been saying all along, ‘why don’t you act?’, assuming he can tell the Congress what to do,” Mann said. “Now he’s acting on what basis he has.”AT: Keystone XL Hurts CapitalObama rejects keystone – doesn’t hurt himDavid Roberts, staff writer, 12-26-2011, “As Keystone XL victory looms, a ‘top enviro’ games out how to lose,” Grist, now, the GOP is in abject disarray. In their flailing, an extraordinarily petulant and self-defeating House GOP caucus has teed Obama up for another victory. They are killing the pipeline for him. All he has to do is let them -- and then make sure every American understands what happened. It's a substantive win, a huge boost to his base, and ... what? Another talking point for the Chamber of Commerce-sponsored Republican Clown Show to use against him? So what? Their screeching has been turned up to 11 for years now. One more bit of static is hardly going to make a difference. Yes, they will use it against him, but if it wasn't Keystone it would be something else. Trying to "avoid attacks" is a brain-dead reason to do something in 98 percent of cases.Even if he backs down, he keeps his PCJeff Goodell, staff writer, 12-23-2011, “Keystone Pipeline Endgame: Three Scenarios,” Rolling Stone, . Obama could sign the legislation and then find a way to allow the pipeline to get built, perhaps along a slightly different route. This scenario, which would require some fancy footwork from the White House, was laid out for me last night in an off-the-record conversation with a top environmentalist. It goes something like this: Everything that happens in Washington right now is about the upcoming election. To win, Obama needs to keep his base happy; two key constituents are environmentalists and labor. Obama gave enviros a big win with the initial decision to delay the pipeline last month. But he gave them an even bigger win this week when he issued the first-ever rules to control toxic air pollution, including mercury from coal plants. This was a huge deal, a move that will save tens of thousands of lives every year and likely lead to the shut-down of dozens of old coal plants. By virtually any measure (including reduced carbon pollution), the impacts of this rule far outweigh those of denying the pipeline. Politically, this puts Obama (and his political team) in a sweet spot. He can now go to enviros and say: I gave you mercury regulations, now I'm going to OK the pipeline in order to make my friends in the labor unions happy and get Big Oil off my back. In this scenario, he wins with enviros, he wins with labor, and he gets to point to the pipeline as a big infrastructure project that is creating jobs and keeping Americans working (although the number of jobs the pipeline will actually create has been wildly inflated). He keeps Big Oil from hammering him in the election, and – best of all – he doesn't look captive to enviros. The risk, of course, is that he will have to back-track on the administration's much-praised decision to stall the pipeline. And hard-core anti-pipeline activists are likely to kick up a shitstorm. But most enviros will buy the argument that the mercury regulations were a much bigger deal than the pipeline, and thus criticism of the president will likely be muted. All in all, it could be a smart political play. That is, if your goal is to win re-election, rather than to actually break America's addiction to oil.AT: Debt Ceiling Hurts CapitalNo debt fights – not in session, already worked outMeg Handley, staff writer, 12-27-2011, “Officials: Obama Will Ask to Raise Debt Ceiling This Week,” US News, officials say President Obama plans to ask Congress for a $1.2 trillion bump in the debt ceiling by the end of the week as the nation's debt is expected to fall within $100 billion of the current borrowing limit. But no need to scout out a bunker in Wyoming yet. Experts don't expect the President and Congress to lock horns like they did last summer over the same issue, mostly because Congress won't reconvene until later in January and the White House's request for more borrowing authority is in line with the deal struck in August to keep the U.S. government funded into 2013. That agreement automatically ups the debt cap unless Congress votes to block an increaseNo debt fights comingJoan McCarter, staff writer, 12-30-2011, “Next debt ceiling hike not likely to create political fight,” Daily Kos, administration is expected to ask for an additional $1.2 trillion in debt by the end of today, triggering a 15 day countdown for the Congress to cast what would be a largely symbolic vote of disapproval. The debt ceiling agreement of last August set up a series of "tranches" for the Treasury's borrowing authority, this is the next tranche. But because the House is out of session until Jan. 17 and the Senate is gone until Jan. 23, it is probable that the debt ceiling will be increased without a whimper. The action would raise the country’s debt ceiling to $16.4 trillion from $15.2 trillion. According to the Treasury Department, that may be enough to cover federal spending through the 2012 elections. And, just in case it needs more, the Treasury says it will be able to authorize special measures — for example, suspending certain payments to civil service pensions — to fund the government through the elections. This summer, a spectacular battle erupted between the Obama administration and congressional Republicans over raising the nation’s debt limit. Republicans ultimately agreed that the debt limit would be automatically increased in three stages — although at each instance Congress would have the option of voting to block the increase by passing a “resolution of disapproval.” These resolutions of disapproval are entirely symbolic—if they should pass, there aren't enough votes to override a presidential veto. The timing of these has caused some confusion on the Hill, since the deadline for the vote comes before either chamber is back in session. Given that the vote is entirely symbolic, and that the real fight over a the long-term extension of the payroll tax cut and unemployment benefits looms, chances are good Congress will hold this vote under unanimous consent. And, as with the recent vote on the payroll tax cut extension, tea partiers will scream bloody murder about it, but not do anything to stop it.No fights and Obama’s insulatedMark Landler, staff writer, 12-30-2011, “Obama Waits Before Asking for Increase in Debt Limit,” NYT, Obama agreed on Friday to delay a request to Congress to expand the government’s borrowing authority by $1.2 trillion, allowing lawmakers time to return from recess and register their views on it. The delay, which a White House official said would be only a few days, will not jeopardize the operations of the government, as last summer’s impasse over the debt ceiling did. The budget agreement of Aug. 2, which broke that deadlock, has made it highly unlikely that Congressional Republicans could block an increase in the debt limit through the 2012 election. Since signing legislation to codify that agreement, Mr. Obama has already obtained two increases totaling $900 billion. Still, House Republicans, who led the battle over the debt ceiling, are likely to seize the opportunity to condemn further borrowing and vote against the increase even if they cannot block it. By agreeing to the request for a delay from Senate and House leaders, the White House in effect is giving lawmakers the chance to weigh in without having to cut short their vacations. The delay also insulates the White House against accusations that it sought to push the increase through while Congress was away.Political Capital Key To CybersecurityObama needs to push and focus to get it throughEric Chabrow, executive editor of Gov Info Security, 9-29-2010, “Cybersecurity Law: What Congress Can, Cannot Pass,” "The White House could help drive this; the White House could get up and say we need this," said former Rep. Tom Davis, the Virginia Republican who coauthored the Federal Information Security Management Act and the E-Government Act. "There's no immediate political value in pushing your green stamps on this because the public is pretty oblivious to this." Dan Chenok, chairman of the federal Information Security and Privacy Advisory Board, said Schmidt and his team are focused on a wide variety of cybersecurity issues such as developing partnerships with industry to secure the nation's critical IT infrastructure and beefing up the Department of Homeland Security's cybersecurity abilities. "They're trying to do a lot of things in the cyber arena within the administration, and it's taking a lot of their focus to get that done," he said. "Every hour they spend on legislation takes time away from that." Obama push is important to getting it through Jaikumar Vijayan, staff writer, 5-13-2011, “Little new in Obama cybersecurity proposal,” Computer World, - A set of cybersecurity proposals, submitted to Congress on Thursday by the Obama administration, contained little that was new or unexpected. The proposals have been in the making since May 2009, when President Obama announced his intentions to make cybersecurity a national priority as part of his new Comprehensive National Cybersecurity Initiative. Since then, the administration has created a new White House cybersecurity office and appointed a coordinator to head it. It has put in place a National Cyber Incident Response Plan, which is in the final stages of being tested. And the White House has also been engaged in discussions with stakeholders from both the public and private sectors on how to improve cybersecurity at the federal government level and within the private sector. Thursday's cybersecurity legislative proposal is one outcome of those efforts. But its contents are likely to come as something of a disappointment for those who might have been expecting sweeping new proposals. The proposal was developed in response to Congress' "call for assistance" on cybersecurity matters, White House cybersecurity coordinator Howard Schmidt said in a blog post today. The proposals include a long-standing call for a national data breach notification law that would standardize the existing patchwork of state laws companies and government entities have to comply with. It also calls for laws that would impose stricter penalties on cybercriminals, and would set mandatory minimum prison terms for intrusions into critical infrastructure targets. In addition, the White House is calling for legislation that would give the Department of Homeland Security a much more active role in working with private sector critical-infrastructure operators to identify, prioritize and protect against threats. "The lack of a clear statutory framework describing DHS's authorities has sometimes slowed the ability of DHS" to help organizations that come seeking its aid on cybersecurity issues, the White House noted. The new proposals would also clarify "the type of assistance that DHS can provide to the requesting organization," it said. As expected, the White House proposals call for a strengthening of the Federal Information Security Management Act (FISMA), which all civilian federal agencies are required to comply with. Critics of FISMA have long called for a total revamp of its requirements, saying that the standard, as it exists, now does little to enhance security. In addition, the proposals require the DHS to oversee the implementation of intrusion prevention system (IPS) for blocking attacks against government computers. Internet service providers that implement the systems on behalf of the DHS would be provided legal immunity, as needed, to provide the service, the White House noted. Other proposals include measures for stronger protections for cloud computing, and laws that would prevent states from requiring cloud service providers to build data centers in their state, unless explicitly approved by the federal government. "This proposal strikes a critical balance between maintaining the government's role and providing industry with the capacity to innovatively tackle threats to national cybersecurity," Schmidt said in his blog post. Alan Paller, research director at the SANS Institute, said the White House proposal will catalyze congressional action around cybersecurity. "It is a fundamental and important step," Paller said. "I think the Republicans and the Democrats will go along with it," especially as far as the FISMA recommendations are concerned.Heavy lifting keyMarc Ambinder, staff writer, 10-7-2011, “Obama Issues Preparedness Goals,” National Journal, Goal, obtained by National Journal, relies heavily on cooperation among state, local and federal governments, and boosts the roles and responsibilities of the private sector. It also envisions a change in the way the public views disasters: Americans have to prepare to be resilient. The general strategy is being unveiled Friday by FEMA Administrator Craig Fugate at the National Emergency Management Association Conference in Austin. The policy directive and national Goal will influence all emergency response plans that involve federal assets, and will guide the administration’s disaster-related budget requests for years to come. FEMA identified several major hazards that could pose a significant risk in the years ahead. Many are obvious natural disasters: wildfires, floods and hurricanes. The lengthy risk assessment, which is classified, also found an increased risk from technological and infrastructure failures, from a flu pandemic, from dam collapses, as well as cyber terrorism. Though the government has many plans and directives to respond to emergencies, coordination and resource allocation remain largely ad hoc, something that several presidents, including Bill Clinton and George W. Bush, have struggled with. The Goal gives the Department of Homeland Security, which still is vexed by questions about its mission, more direction, a road map to its own future, as it is the federal agency in charge of emergency preparedness. As of today, the Goal is a just 28-page document, written in dry, bureaucratic language, with several classified annexes. Translating it into action will require heavy lifting from Congress, which may find its own priorities different from the executive agencies that must flesh out the strategy. Translating it into action will require heavy lifting from Congress, which may find its own priorities un-addressed as executive agencies behind to add flesh to the strategy.Cybersecurity Bill SolvesSolves – ensures data sharing to protect AmericaJohn K. Higgins, staff writer, 10-18-2011, “Cybersecurity Proposals Begin to Meld,” Technewsworld, substance, while the Task Force admits that the government must be involved in cybersecurity policy, the group stresses that such a role should be limited. Critical infrastructure assets, such as power and telecommunications, are mostly owned by the private sector, the report notes. "Yet we have been told that the free market alone may not be able to improve security sufficiently. The return on investment may be hard to prove, and businesses will only do what makes sense for the bottom line," it says. To address this conflict, the group recommends that Congress adopt a menu of voluntary incentives to encourage private companies to improve cybersecurity. Tax credits, liability protections for compliance with security "best practices," and other tools could be used as incentives. The tricky area of information sharing poses a similar dilemma. "Private sector entities control the vast majority of information networks and assets vulnerable to a cyber attack. Consequently, such entities are often in the best position to identify and defend against cyber-related threats," the report notes. To promote security, "Congress should facilitate an organization outside of government to act as a clearing house of information and intelligence sharing between the government and critical infrastructure to improve security and disseminate real-time information designed to help target and defeat malicious cyber activity," it says.Key to federal response and private protections – saves IP which is key to the economyHoward A. Schmidt, the Cybersecurity Coordinator and Special Assistant to the President, 10-28-2011, “The Time is Ripe for Cybersecurity Legislation,” The White House Blog, intrusion taught us a few lessons about the shortcomings of our current cybersecurity system. For instance, we greatly appreciate it when corporate leadership alerts the Federal government to serious intrusions, yet there is no general national requirement that companies do so. In cases of cybersecurity incidents that can damage our critical infrastructure such as the electric grid or our financial, transportation, and communication networks – damage that can put our national security, public safety, and economic prosperity at risk – the Federal government must know what is happening so that it can take steps to bring adversaries to justice and help protect Americans. Unfortunately, our critical infrastructure has suffered repeated cyber intrusions in the past year. Cybercrime, including online identity theft that hurts millions of Americans as well as the theft of intellectual property – American companies’ innovative ideas that are the lifeblood of our economic growth – continues to escalate. Many cyber intrusions could be prevented by implementing sound cybersecurity practices, but companies must be better motivated to make these investments. And while the Federal government continues to take actions to improve our nation’s cybersecurity under our existing legal frameworks, our laws need updating if we are to even the playing field with the cybercriminals. To address these gaps, and at the invitation of Congressional leaders, the Administration delivered a major cybersecurity legislative proposal on May 12, 2011. This proposal incorporates many of the ideas of Senate and House leaders. It includes national requirements for consumer notification after data security breaches to help Americans take steps to protect themselves and hold companies accountable. It also gives companies a defined process so they can build their internal response plans. It provides for new authorities for the Secretary of Homeland Security to ensure government networks remain safe and reliable, and a unique framework to protect privacy and civil liberties. It would encourage critical infrastructure owners and operators to make the necessary investments to limit the current surge of cyber intrusions, and would set clear expectations for companies to let the Federal government know promptly if intrusions do occur – essential information that can help us stop an incident from turning into a crisis.Cybersecurity Bill Would Stop CyberterrorismEliminates the majority of the threatZach Rausnitz, staff writer, 10-12-2011, “House Cybersecurity Task Force suggests incentives, info-sharing,” Fierce Homeland Security, should pass cybersecurity legislation that includes incentives for the private sector and creates an entity that promotes information-sharing, according to House Republican Cybersecurity Task Force recommendations (.pdf) unveiled Oct. 5. Rep. Mac Thornberry (R-Texas), who headed the task force, outlined the recommendations during an Oct. 11 event at the Center for Strategic and International Studies in Washington, D.C. Sign up for our FREE newsletter for more news like this sent to your inbox! "Congress should enact a menu of incentives to encourage cybersecurity to be a higher priority," Thornberry said, noting that "encouragement is better than mandates." Incentives will help "elevate this issue in the consciousness of CEOs and businesses," he added. For example, the task force recommends that Congress look into extending research and development tax credits to cyber investments and determine whether cybersecurity insurance can help increase security. It also recommends Congress facilitate the creation of a non-government clearinghouse for information-sharing among businesses and the government. Thornberry added that about 50 laws related to cybersecurity are not up-to-date with current technology and need revision. At the CSIS event, Thornberry gave some of his own input. For example, he said that "anybody who gets a federal grant ought to have some sort of minimum level of cybersecurity." He also said that "basic hygiene" steps could eliminate the majority of malware.Bill is necessary and sufficient to solve cybersecurityBob Gourley, works at the Cyber Conflict Studies Association, worked for the DODs Joint Task Force for Computer Network Defense, 10-25-2011, “If You Could Pick One Thing For Congress To Do Regarding CyberSecurity, What Would It Be?” SYS-Con Media, friend who is a former Representative and a respected advisor of many senior politicians recently asked me for some thoughts on cyber legislation. In general, people ask my thoughts because of time I’ve spent working strategic cyber issues in the Cyber Conflict Studies Association (CCSA) or because of my history at DoD’s Joint Task Force for Computer Network Defense (JTF-CND) or perhaps because as a techie and a writer I try to track technological contributions to the issues. People generally don’t ask me to comment on legislation since I really don’t track that closely. But, over time, I have come to a conclusion on the most important cyber legislation the nation needs and I would like to share that with you. So here is how I replied to the request from my friend the former representative: I worry so much about the state of cyber. I worry about our tech, our education system, our procedures, our laws, our military, our economy. But the thing I worry the most about is the continual inaction. And I think that is because of a lack of awareness and a general ignorance of the state of cybersecurity. So, I’ve become convinced that the most important thing we can do is drive for better metrics on the state of cybersecurity in the nation. Like Abraham Lincoln said, “If we could first know where we are, and whither we are tending, we could better judge what to do, and how to do it.” So, if there was one thing to put in legislation, it would be coherent breach reporting guidelines. We need this in order to generate data that can drive assessments and awareness and help with fact-based analysis on what to do next. Everything else is secondary. Get the metrics on breach reporting, and that should hopefully help drive the many other actions required.Cyber Attacks Bad – Impact CalcCyber attacks are try or die – eventually they will succeedFahmida Rashid, staff writer, 10-30-2011, “Cyber-Attackers Already Targeting Critical Infrastructure: DHS,” eWeek, experts have long warned that critical infrastructure, such as electrical grids and power plants, were vulnerable to attack. The Federal Bureau of Investigation's executive assistant director, Shawn Henry, said the threats were "incredibly real" and intrusions into corporate networks, personal computers and government systems were "occurring every single day by the thousands," in a speech at a recent conference in Baltimore. “It could shut down our electric grid or water supply. It could cause serious damage to parts of our cities, and ultimately, even kill people," Henry said. There have already been several "high-tech catastrophes," Eugene Kaspersky said at a cyber-security summit in New York earlier this month, referencing the Spanair flight 5022 crash in 2008 and the blackout that blanketed the East Coast in 2003. Malware was "not the reason" the incidents happened, but they would not have happened without malware, according to Kaspersky. In the case of the blackout, some of the critical systems in key data centers used by utility companies had been infected by the Blaster worm. It was inevitable that attackers would someday go after the electric grid, Kaspersky said. Governments need to share threat intelligence with the private sector, defend critical systems, and work with other governments to track down cyber-adversaries, according to Kaspersky.Cyberterrorism is the highest riskUPI, 6-7-2011, “U.S. infrastructure faces cyberthreats,” "Our vulnerability is not just because of enemies well known, but can often be because of enemies unknown, enemies who simply have a grudge against society," Issa said in his opening remarks. "It is today possible to be a great warrior with nothing but your slippers in your bedroom and a desire to bring down some aspect of public or private infrastructure related to the Internet. … "Not since the end of World War II has America seen a threat so great looming for so long." Ranking member Rep. Elijah Cummings, D-Md., noted U.S. infrastructure, "including power distribution, water supply, telecommunications and emergency services, have become increasingly dependent on computerized information systems to manage their operations and to process, maintain and report essential information." Greg Schaffer, acting deputy assistant secretary of the National Protection and Programs Directorate of the U.S. Department of Homeland Security, told the committee it is clear that "supply chain risk management is an issue that the administration is focused on." "This is one of the most complicated and difficult challenges that we have. The range of issues goes to the fact that there are foreign components in many U.S. manufactured devices," Schaffer said, adding it will take a "whole-of-government" effort to combat the new threats.Means and motives exist for cyberterrorismJennifer Martinez, staff writer, 10-27-2011, “Hackers 'close' to major damage,” Politico, said that jihadists, such as Al Qaeda, are more focused on attacking the U.S. through aviation and explosive devices rather than cyberattacks. But she added that there are others in the world that may not be jihadists but “have other motivations” and technical capabilities that are looking to attack the U.S.Cyber Attacks Bad – EconHigh risk and kills the economy – destroys all critical infrastructureJason Ryan, staff writer, 10-27-2011, “Loss of Life in Major Computer Attack, Warns Homeland Security,” ABC News, of Homeland Security Secretary Janet Napolitano said today that a major computer attack against critical U.S. infrastructure could result in a loss of life and massive economic damages. “The network intrusion that shuts down the nation’s critical infrastructure .. . could cause loss of life but also a huge economic loss.” Napolitano said at a cybersecurity event sponsored by the Washington Post. “We’ve seen attempts on Wall Street, transportation systems, things of those sorts.” Cybersecurity experts have long warned that hackers could target electrical grids and power plants, which could affect hospitals and water treatment plants. Napolitano also said DHS offices had been probed in computer intrusions by hackers attempting to infiltrate the department’s systems, although Napolitano declined to comment on the specifics of the intrusions or specify if the intrusions had specifically targeted her office. Napolitano discussed a wide range of computer security issues at the event and urged Congress to push forward with cybersecurity legislation that the White House proposed had in May. Despite the partisan rancor that often comes from Congress, Napolitano said she hoped the legislation could gain strong bipartisan support. “Cyber attacks are increasing in frequency, in complexity and in consequence,” Napolitano said. “In [fiscal year] 2011 alone, our U.S. Computer Emergency Readiness Team, CERT, responded to more than 100,000 incident reports and released more than 5,000 actionable cybersecurity alerts and information products.” Although the DHS Secretary declined to address specific instances, there have been a slew of high-profile hacking intrusions in the past 2 years: The FBI and U.S. Secret Service are investigating intrusions into computer systems run by NASDAQ-OMX, the parent company of the NASDAQ stock exchange, which were compromised last year. Earlier this year RSA, the security division of the EMC Corp., suffered a computer intrusion that resulted in a breach of its firm’s intellectual property, Secure ID, which provides encrypted authentication services. During 2009, groups in China were behind a highly sophisticated hacking of Google and more than 30 other companies that went undetected until January 2010. “We are in a constant state of seeing activity against critical infrastructure,” said Greg Schaffer, DHS assistant secretary for cybersecurity and communications, who also spoke at Thursday’s event. U.S. officials believe that China had been behind many of the infiltrations; members of Congress have recently mentioned this, but diplomatic and security officials are more reluctant to attribute the infiltrations to China. Last week, Shawn Henry, the FBI’s executive assistant director, also highlighted the damage a major computer attack could have on the United States. “The cyberthreat is an existential one, meaning that a major cyberattack could potentially wipe out whole companies,” Henry said in a speech in Baltimore Oct. 20. “It could shut down our electric grid or water supply. It could cause serious damage to parts of our cities, and ultimately, even kill people. While it may sound alarmist, the threat is incredibly real, and intrusions into corporate networks, personal computers and government systems are occurring every single day by the thousands.”Nuclear WarCesare Merlini, nonresident senior fellow at the Center on the United States and Europe and chairman of the Board of Trustees of the Italian Institute for International Affairs, 5-30-2011, “A Post-Secular World?”, Survival, Vol. 53 Issue 2, neatly opposed scenarios for the future of the world order illustrate the range of possibilities, albeit at the risk of oversimplification. The first scenario entails the premature crumbling of the post-Westphalian system. One or more of the acute tensions apparent today evolves into an open and traditional conflict between states, perhaps even involving the use of nuclear weapons. The crisis might be triggered by a collapse of the global economic and financial system, the vulnerability of which we have just experienced, and the prospect of a second Great Depression, with consequences for peace and democracy similar to those of the first. Whatever the trigger, the unlimited exercise of national sovereignty, exclusive self-interest and rejection of outside interference would self-interest and rejection of outside interference would likely be amplified, emptying, perhaps entirely, the half-full glass of multilateralism, including the UN and the European Union. Many of the more likely conflicts, such as between Israel and Iran or India and Pakistan, have potential religious dimensions. Short of war, tensions such as those related to immigration might become unbearable. Familiar issues of creed and identity could be exacerbated. One way or another, the secular rational approach would be sidestepped by a return to theocratic absolutes, competing or converging with secular absolutes such as unbridled nationalism.Cyber Attacks Bad – GridCyber attack on the grid coming – shuts it down and causes meltdownsCharles R Smith, Worldwide Writer, 8-19-2003, “Cyber Terror” sources announced that they are responsible for the recent power blackout in America. One more lie to add to a thousand tall tales spun by hidden terrorists. In fact, the recent power blackout actually demonstrated that the electric computer network operated correctly. The blackout began when a critical main line went down, leaving the rest of the network to carry the electrical load. The network noted that the load was too much to carry and began to shut itself down. The so-called "domino" effect began as each segment of the grid detected an overload and shut down, including 10 nuclear power plants that "scrammed" (shut down) automatically. If hackers had had control of the network, they would have overridden the shutdown commands. The override would have caused physical damage to the network, burning out transformers and switching stations as they tried to carry the excess power. The result would have been millions of dollars in damages, and weeks without electrical power for millions of Americans. Instead, the power companies were able to take care of the specific overload and re-establish electrical power within hours. The power blackout may have been an inept hack attack but it is doubtful simply because there was little physical damage to the electrical grid. One reason why I doubt Al-Qaeda’s claim is because the 10 nuclear power plants located in the blackout area all shut down per pre-programmed safety procedures. If hackers had been able to penetrate the computer networks, they might have been able to override the automatic "scram" sequences inside the nuclear power plants. This frightful scenario ends with an atomic meltdown. Air Force Hackers Succeed In comparison, the U.S. Air Force recently conducted a successful simulated attack against the American power grid. Hackers from the South Carolina-based cyber war squadron were able to penetrate the fragile power grid on the West Coast. The Air Force hackers could have brought down the electrical grid from Seattle to San Diego. Computer security is something that does not come naturally to government or business authorities. It is viewed as an expense of doing business, something that must be kept to a bare minimum. I once served as security adviser for Virginia Government Internet Committee and co-wrote the information security requirements for the state in its final report to the Virginia Commonwealth Legislature. The report was requested by Gov. Doug Wilder (D) and accepted by Gov. George Allen (R). I spent months in meetings and hundreds of hours compiling evidence for the state to set up a strong information security policy. For the most part the rest of the committee ignored the evidence and the recommendations. Until one day when a group of system administrators from another state came to show off their brand new computer network. Many of the members were fascinated by the performance of this computer network until I managed to squeeze in a single question about the security of their system. "Oh," one of the administrators replied, "we have not had any real problems with security except when a hacker used our system to get into a nuclear power plant." At that moment you could have heard a pin drop. Every talking head in the room fell silent and nearly a hundred eyes focused on the now nervous computer administrator. "How did you find the hacker?" I asked, pressing my point. "We didn’t. The nuclear power plant contacted us and we shut down the open connections," she replied. Suddenly computer security became the hot topic. The potential use of a government-owned computer network to hack into a nuclear power plant frightened every politician and bureaucrat in the room. In the end, the committee unanimously agreed to accept all of my security proposals. Entire Networks Are Vulnerable It may come as a shocking surprise, but many of the U.S. electrical power grid computer networks are unprotected. You actually have more security sending your credit card number over the Internet than the control commands that operate your electric power do.Meltdowns obliterate all lifeHarvery Wasserman, Sen. Advisor Nuclear Info and Res. Service, MA History U. Chicago, 2004, “Nuclear Power and Terrorism,” Spring, v. 17, no. 1, eijournal/new_articles.cfm?articleID=457&journalID=63Infants and small children would quickly die en masse. Pregnant women would spontaneously abort or give birth to horribly deformed offspring. Ghastly sores, rashes, ulcerations and burns would afflict the skin of millions. Heart attacks, stroke and multiple organ failure would kill thousands on the spot. Emphysema, hair loss, nausea, inability to eat or drink or swallow, diarrhea and incontinence, sterility and impotence, asthma and blindness would afflict hundreds of thousands, if not millions. Then comes the wave of cancers, leukemias, lymphomas, tumors and hellish diseases for which new names will have to be invented. Evacuation would be impossible, but thousands would die trying. Attempts to quench the fires would be futile. More than 800,000 Soviet draftees forced through Chernobyl's seething remains in a futile attempt to clean it up are still dying from their exposure. At Indian Point, the molten cores would burn uncontrolled for days, weeks and years. Who would volunteer for such an American task force? The immediate damage from an Indian Point attack (or a domestic accident) would render all five boroughs of New York City an apocalyptic wasteland. As at Three Mile Island, where thousands of farm and wild animals died in heaps, natural ecosystems would be permanently and irrevocably destroyed. Spiritually, psychologically, financially and ecologically, our nation would never recover. This is what we missed by a mere 40 miles on September 11. Now that we are at war, this is what could be happening as you read this. There are 103 of these potential Bombs of the Apocalypse operating in the US. They generate a mere 8 percent of our total energy. Since its deregulation crisis, California cut its electric consumption by some 15 percent. Within a year, the US could cheaply replace virtually all the reactors with increased efficiency. Yet, as the terror escalates, Congress is fast-tracking the extension of the Price-Anderson Act, a form of legal immunity that protects reactor operators from liability in case of a meltdown or terrorist attack. Do we take this war seriously? Are we committed to the survival of our nation? If so, the ticking reactor bombs that could obliterate the very core of our life and of all future generations must be shut down. Cyber Attacks Bad – DeterrenceCyber attacks would be used to make conventional attacks more effective, undermines our ability to deal with threatsGeneral Eugene E. Habiger, USAF, commander in chief, United States Strategic Command, Offutt Air Force Base (Ret.), 2-1-2010, “CYBERWARFARE AND CYBERTERRORISM: THE NEED FOR A NEW U.S. STRATEGIC APPROACH”, , a cyberattack could also be used to disrupt our nation’s defenses or distract our national leaders in advance of a more traditional conventional or strategic attack. Many military leaders actually believe that such a disruptive cyber pre‐offensive is the most effective use of offensive cyber capabilities. This is, in fact, the way Russia utilized cyberattackers—whether government assets, governmentdirected/ coordinated assets, or allied cyber irregulars—in advance of the invasion of Georgia. Widespread distributed denial of service (DDOS) attacks were launched on the Georgian governments IT systems. Roughly a day later Russian armor rolled into Georgian territory. The cyberattacks were used to prepare the battlefield; they denied the Georgian government a critical communications tool isolating it from its citizens and degrading its command and control capabilities precisely at the time of attack. In this way, these attacks were the functional equivalent of conventional air and/or missile strikes on a nation’s communications infrastructure.32 One interesting element of the Georgian cyberattacks has been generally overlooked: On July 20th, weeks before the August cyberattack, the website of Georgian President Mikheil Saakashvili was overwhelmed by a more narrowly focused, but technologically similar DDOS attack.33 This should be particularly chilling to American national security experts as our systems undergo the same sorts of focused, probing attacks on a constant basis. The ability of an enemy to use a cyberattack to counter our offensive capabilities or soften our defenses for a wider offensive against the United States is much more than mere speculation. In fact, in Iraq it is already happening. Iraq insurgents are now using off‐the‐shelf software (costing just $26) to hack U.S. drones (costing $4.5 million each), allowing them to intercept the video feed from these drones.34 By hacking these drones the insurgents have succeeded in greatly reducing one of our most valuable sources of real‐time intelligence and situational awareness. If our enemies in Iraq are capable of such an effective cyberattack against one of our more sophisticated systems, consider what a more technologically advanced enemy could do. At the strategic level, in 2008, as the United States Central Command was leading wars in both Iraq and Afghanistan, a cyber intruder compromised the security of the Command and sat within its IT systems, monitoring everything the Command was doing. 35 This time the attacker simply gathered vast amounts of intelligence. However, it is clear that the attacker could have used this access to wage cyberwar—altering information, disrupting the flow of information, destroying information, taking down systems—against the United States forces already at war. Similarly, during 2003 as the United States prepared for and began the War in Iraq, the IT networks of the Department of Defense were hacked 294 times.36 By August of 2004, with America at war, these ongoing attacks compelled then‐Deputy Secretary of Defense Paul Wolfowitz to write in a memo that, "Recent exploits have reduced operational capabilities on our networks."37 This wasn’t the first time that our national security IT infrastructure was penetrated immediately in advance of a U.S. military option.38 In February of 1998 the Solar Sunrise attacks systematically compromised a series of Department of Defense networks. What is often overlooked is that these attacks occurred during the ramp up period ahead of potential military action against Iraq. The attackers were able to obtain vast amounts of sensitive information—information that would have certainly been of value to an enemy’s military leaders.Cyber Attacks Bad – Nuclear LaunchCyberterrorism causes accidental nuke warSteven Starr, Nuclear Engineering Expert, Autumn 2008, “High-alert nuclear weapons: the Forgotten Danger,” Scientists for Global Responsibility Newsletter, the US nor Russia will disclose the number of false alerts experienced by their early warning systems. In 1985, the US began classifying this information, although it had previously admitted to many significant false warnings, a number of which had led to the full alert of US nuclear forces and threat assessment conferences involving the Joint Chiefs of Staff.32 While it is possible to cloak these events in secrecy, it is not possible to prevent the events themselves. As long as the US and Russia maintain LoW capability and a de facto LoW policy, the possibility remains of a false warning triggering a retaliatory nuclear attack and an accidental nuclear war. Excessive secrecy, however, does preclude informed debate and keeps the public unaware that such problems even exist. The possible causes of a false warning are no longer restricted to failures of hardware, software or human judgement. Deliberate acts of individual or statesponsored terrorism must now be factored into this most dangerous equation. Such acts could include spoofing radar or satellite sensors of early warning systems, the penetration of nuclear command and control computer networks, and the introduction of viruses or software that would mimic a full-scale nuclear attack into early warning system computers.33 Also, if terrorists obtained permission codes required to launch nuclear weapons and then obtained access to the command and control systems, or took physical control of a nuclear weapon (e.g. a road-mobile Russia SS-25), they would be able to launch the weapon(s).Cyberterrorism causes unauthorized or mistaken launchRoss Rosenbaum, Slate Staff writer, 5-9-2008, “A Real Nuclear Option for the Nominees,” it's insanely short-fused as it is. But when I spoke to Blair in Washington last week, he noted an additional cause for concern: cyber-attacks. He pointed to the preface of his Oslo paper, which focused on how "information warfare" in cyberspace heightened the threat of "inadvertent" nuclear war. "The nuclear command systems today operate in an intense information battleground," Blair wrote, "on which more than 20 nations including Russia, China, and North Korea have developed dedicated computer attack programs. These programs deploy viruses to disable, confuse, and delay nuclear command and warning processes in other nations. At the brink of conflict, nuclear command and warning networks around the world may be besieged by electronic intruders whose onslaught degrades the coherence and rationality of nuclear decision-making. The potential for perverse consequences with computer-launched weapons on hair-trigger is clear." "Perverse consequences" seems to understate the matter. In a footnote, Blair cites one scary example: the discovery of "an unprotected electronic backdoor into the naval broadcast communications network used to transmit launch orders by radio to the U.S. Trident deterrent submarine fleet. Unauthorized persons including terrorists might have been able to seize electronic control of shore-based radio transmitters ... and actually inject a launch order into the network. The deficiency was taken so seriously that new launch order validation protocols had to be devised, and Trident crews had to undergo special training to learn them." Is this the only "electronic back door"? Or is it just the only one we've discovered? And if an unauthorized launch order could be insinuated into the system by hackers, why not a false-attack warning, which could generate an authorized (but mistaken) launch order? So in addition to the potential for accidental nuclear war, there is an even more disturbing threat of deliberate-but-unauthorized nuclear launches.Cyber Attacks Bad – Space WarCyberwarfare causes space warKevin Coleman, Defense Tech Chief Cyber War Correspondent, Cyber War = Space War, March 1st, 2010, )While the satellite broadband market slowed in 2009 because of the poor economy, it still increased. The market continues to expand after U.S. regulators outlined the national broadband plan that allows satellite operators to use their radio spectrum for Internet traffic. That is why cyber security professionals are so concerned about the convergence of cyber space and space. Its becoming increasingly evident that any future war between modern militaries would be both a space war and a cyber war, in fact, they would be one and the same. Russia, China, and the U.S. have all stated they don’t want a space war, but are all preparing for one if one occurs. That sounds so familiar – oh wait a minute, didn’t Russia, China and the U.S. say the same thing about cyber war? Yes, they did. Satellites in geostationary orbits provide broadband connectivity to businesses and customers. Those satellites and their computer control ground stations present a viable target for offensive cyber actions. A hacker could disrupt or interfere with satellite control communications and could disrupt the delivery of broadband services. In the absence of such command signals, a satellite would malfunction. Worldwide attention focused on China’s successful anti-satellite missile test. While military officials question the scale and progress of the Chinese anti-satellite program, one has to wonder if China has already tested their anti-satellite cyber weapon. Military leaders are all too aware of the convergence of space and cyber space. An increasing percentage of military operations occur in cyber space and are integrated with and dependent on communication satellite systems in outer space.ExtinctionGordon Mitchell, et al, Associate Professor of Communication and Director of Debate at the University of Pittsburgh, July 2001, ISIS Briefing on Ballistic Missile Defence, “Missile Defence: Trans-Atlantic Diplomacy at a Crossroads”, No. 6 July,__ dizzying speed of space warfare would introduce intense ‘use or lose’ pressure into strategic calculations, with the spectre of split-second attacks creating incentives to rig orbiting. Death Start with automated ‘hair trigger’ devices. In theory, this automation would enhance survivability of vulnerable space weapon platforms. However, by taking the decision to commit violence out of human hands and endowing computers with authority to make war, military planners could sow insidious seeds of accidental conflict. Yale sociologist Charles Perrow has analyzed ‘complexlyinteractive, tightly coupled’ industrial systems such as space weapons, which have many sophisticated components that all depend on each other’s flawless performance. According to Perrow, this interlocking complexity makes it impossible to foresee all the different ways such systems could fail. As Perrow explains, ‘[t]he odd term “normal accident” is meant to signal that, given the system characteristics, multiple and unexpected interactions of failures are inevitable’.36 Deployment of space weapons with predelegated authority to fire death rays or unleash killer projectiles would likely make war itself inevitable, given the susceptibility of such systems to “normal accidents’. It is chilling to contemplate the possible effects of a space war. According to retired Lt. Col. Robert M. Bowman, ‘even a tiny projectile reentering from space strikes the earth with such high velocity that it can do enormous damage- even more than would be done by a nuclear weapon of the same size!’.37 In the same Star Wars technology touted as a quintessential tool of peace, defence analyst David Langford sees one of the most destabilizing offensive weapons ever conceived: ’One imagines dead cities of microwave-grilled people’. Given this unique potential for destruction, it is not hard to imagine that any nation subjected to space weapon attack would retaliate with maximum force, including use of nuclear biological, and/or chemical weapons. An accidental war sparked by a computer glitch in space could plunge the world into the most destructive military conflict ever seen. Cyber Terror Is LikelyThere are over 100 countries that can attack us – causes global instabilityGeneral Eugene E. Habiger, USAF, commander in chief, United States Strategic Command, Offutt Air Force Base (Ret.), 2-1-2010, “CYBERWARFARE AND CYBERTERRORISM: THE NEED FOR A NEW U.S. STRATEGIC APPROACH”, range of enemies have the current capacity to carry out cyberwar (in the case of other nations) or cyberterror (in the case of non‐state actors) attacks against the United States. Over 100 nations are reportedly developing cyberwar capabilities.11 Many of the nations that we have the most complex, and at times confrontational, relations are advanced in this field. Moreover, the threat of cyberattack is perhaps the most egalitarian and asymmetric of all forms of attack. Unlike in traditional warfare, the United States does not hold a singular position of dominance. No nation state does. As a result, nations that lack the capacity to go toe‐to‐toe on a kinetic battlefield with the United States are empowered, and under the right set of circumstances could even be so embolden as to attack us in cyberspace—especially if they think they can get away with it. Along these lines, one can even argue that America’s military dominance is an incentive for an aggravated or aggrieved foe to turn to cyberattacks. The threat here, however, goes well beyond unfriendly nations. In the cyber realm the basic dominance of nation‐states over non‐state actors is even fuzzy. As a 2009 study by the Rand Corporation for the U.S. Air Force aptly noted: The prerequisites for a cyberattack are few: talented hackers, intelligence on the target, exploits to match the vulnerabilities found through such intelligence, a personal computer or any comparable computing device, and any network connection.12 No non‐state actor has the nuclear or conventional military might of the average nation, let alone a major power like the United States. It is implausible to think that a group like al Qaeda or its extremist partners could deploy a wing of fighters or a fleet of submarines to engage American forces. However, in cyberspace, even nations like the United States enjoy only a modicum of advantage over the most sophisticated non‐state actors. And, at the same timed, the world is full of individuals possessing advanced IT knowledge that is available at a price. Moreover, in the cyber realm a non‐state actor is not limited geographically, technologically or militarily in their capacity to do harm. With even limited resources a terrorist group or other element can attack the most vital strategic assets of the United States. As K.A. Taipale, the executive director of the Center for Advanced Studies in Science and Technology Policy, has written: The capability to launch cyber‐attacks that can exploit these strategic vulnerabilities is “shifting to the edge,” that is, technology is empowering networked groups and individuals to directly threaten nation state security (and, thus, global stability) by putting critical infrastructure at risk.13Low threshold for terrorism – little tech is required, lack of empirics is no safeguardGeneral Eugene E. Habiger, USAF, commander in chief, United States Strategic Command, Offutt Air Force Base (Ret.), 2-1-2010, “CYBERWARFARE AND CYBERTERRORISM: THE NEED FOR A NEW U.S. STRATEGIC APPROACH”, addition to the threat of cyberwar, the limited resources required to carry out even a large scale cyberattack also makes likely the potential for a significant cyberterror attack against the United States. There are extremely few examples of specific acts of cyberterrorism to date: ? The October 2007 attack on the website of Ukrainian president Viktor Yushchenko by the Eurasian Youth Movement, by a radical Russian nationalist youth group, arguably qualifies. However, the attack produced little tangible harm or damage and many definitions of cyber terrorism, rightly or wrongly require real harm. ? Some suggest that an extortion attempt by Romanian hackers, which threatened to steal data from and shut down the life support systems for the National Science Foundation's Amundsen‐Scott South Pole Station was an act of cyberterrorism. However, there is no evidence to suggest that this attack was carried out for political purposes. ? Assuming one accepts Russia’s protestations that it had no state role in the widespread denial of service attacks on Estonia in 2007 attacks, then these attacks would amount to the most serious and clear‐cut incidence of cyberterrorism to date. However, the lack of a long list of specific incidences of cyberterrorism should provide no comfort. There is strong evidence to suggest that al Qaeda has the ability to conduct cyberterror attacks against the United States and its allies. Al Qaeda and other terrorist organizations are extremely active in cyberspace, using these technologies to communicate among themselves and others, carry out logistics, recruit members, and wage information warfare. Cybersecurity DA AnswersObama Has No Political CapitalObama has no political capitalJerry Hagstrom, staff writer, 12-29-2011, “Trade woes may pass as Russia joins WTO,” Capital Ag Press, has all but run out of political capital to tackle high unemployment, with the Federal Reserve predicting that the jobless rate will not fall below 8.5% this year. No incumbent since Franklin D. Roosevelt in the 1930s has won re-election with the unemployment rate higher than 7.2%. The opinion polls also paint a dire political picture for Obama. His approval ratings have been stuck since late June at the low 40s – well below the historical threshold of 50% for successful incumbents – with significant majorities of Americans expressing dissatisfaction with his handling of the economy. His foreign policy successes – most notably the killing of Al-Qaeda leader Osama bin Laden in late May – won him some respite in the polls. But these brief bounces were entirely wiped out by the fallout from the ugly battle over the country’s debt ceiling in August, which resulted in the first-ever downgrade in the US’ credit rating. While the Republicans got the lion’s share of the blame for the debacle, Obama was left seeming weak and indecisive against his intransigent rivals – a point of frustration that surfaced in previous fights over healthcare in 2009 and financial reforms in 2010.Future political capital losses inevitable – Obama can’t focus on anythingGlenn Thrush, staff writer, 10-31-2011, “Can Barack Obama stay on new message?” Politico, are dangers, of course, to the more confrontational tone — a break in itself from the Obama brand of postpartisan healer. One is just the difficulty of keeping it up: The White House will need to redouble its effort to stay on message over the next month, when the president will take two foreign trips and the congressional supercommittee is scheduled to report its recommendations for at least $1.2 trillion in deficit reduction. West Wing officials are particularly worried that the looming confrontation over the supercommittee will draw Obama back into another death hug with the GOP and keep him in Washington, sapping his momentum. But the broader concern for Obama is bridging the gap between his relatively low approval ratings and the overwhelming popularity of individual components of his jobs bill and tax proposal. Voters love some of the proposed policies — 73 percent of independents, for example, favor his plan to increase taxes on families making over $250,000, according to a Washington Post/ABC News poll from July. Obama’s approval numbers have been creeping up over the past six weeks, but most Americans simply don’t trust him on the economy no matter how open they are to his ideas after nearly three years of an unconvincing recovery, GOP attacks and hard-to-categorize administration policies. “We have a tough economy,” a senior administration official this week said, explaining the gap between the popularity of the president’s proposals and his job rating. “The sun comes up in the morning. The grass is green. The sky is blue. We have a tough economy. We’re going to have a tough election. That is just the deal. Nothing is going to change.” A second senior administration official said Obama’s standing with voters isn’t likely to improve before Republicans settle on a presidential candidate, and then the contrast will become clear. The GOP nominee, the official said, “will have a set of positions that are so far out of touch with the American people that it will be hard to defend.” To capitalize on the weakness of the GOP field, however, Obama must stick to his message and avoid distractions, even if it means boring the national press by delivering the same message over and over, Democrats say. White House officials say they are trying to do just that and point to his refusal to engage in the scrap with House Speaker John Boehner over the timing of the speech to Congress in which he unveiled his jobs proposal. But Obama has proved to be surprisingly distractable. It seems paradoxical that “No Drama Obama,” known during the 2008 campaign for his even disposition and dispassionate attention to the long game at the expense of the day-to-day, would be driven to distraction upon arriving in the Oval Office, but that’s exactly what happened. Much of the incoherence of Obama’s message has been due to lousy luck and a series of calamities: the ongoing world financial crisis and the collapse of the American auto industry, foreign surprises like the Arab Spring and Libya’s civil war, wild cards like the Gulf oil spill and the Japanese tsunami and nuclear meltdown, legislative battles over health care and Wall Street reform, with a concurrent breakdown of even basic governmental functionality in Washington, ushered in by the GOP resurgence in the 2010 midterms. Even administration officials admit that the imperative of getting a lot done quickly, plus the merciless media cycle, has often caused them to lose focus. The arrival last January of senior adviser David Plouffe, Obama’s no-nonsense 2008 campaign manager, was supposed to streamline things, but ingrained habits die hard.Payroll Tax Cut Drains CapitalPTC fights coming – kill PC and outweigh past victoriesAlister Bull, staff writer, 12-23-2011, “Analysis: Obama wins on tax cut, but gains are hard to sustain,” Reuters, For President Barack Obama, it was a political victory that has given his 2012 re-election campaign an identity: champion of the middle class. In facing down Republicans over a two-month extension of the payroll tax cut for 160 million Americans, Obama managed to cast conservative Republicans in the House of Representatives as symbols of the dysfunction that often has paralyzed a divided Congress. But in the months ahead, the president will face huge challenges in maintaining the momentum he now enjoys. The debate over a longer extension of the payroll tax cut -- and extended unemployment benefits for millions of Americans -- will come up again shortly after Congress returns from the holiday recess. In Round Two, Obama and Democrats almost certainly will face a better-organized opposition. The Republicans likely will be determined to fight for more budget cuts and to preserve existing tax breaks for the wealthy that the Democrats want to end -- before agreeing to extend the payroll tax cut through 2012. Obama also is likely to face a more united Republican Party beyond Washington. The tax cut debate in Congress this week took place as the Republican candidates for president were bashing one another in Iowa and New Hampshire, states that vote early in their party's nomination process. As 2012 goes on and Republicans settle on a presidential nominee -- former Massachusetts governor Mitt Romney is seen as the favorite despite his struggles so far in the campaign -- the party will be more unified in targeting Obama, analysts say. Obama's run to re-election also could be derailed by the fragile economy, which in recent months has shown signs of recovery as some real estate and labor markets have stabilized. But the nation's unemployment rate is still at 8.6 percent, which could mean trouble for the president's re-election prospects. In an interview with Reuters on Thursday, Romney made it clear that his campaign would focus on what he called Obama's failure in dealing with jobs and the economy. Obama is likely to face the question that Republican Ronald Reagan posed to voters in his first successful run for president in 1980 against Democratic incumbent Jimmy Carter: Are you better off now than you were four years ago? "In the end, that Reagan question ... will still be the question that people are going to debate when they vote in November of 2012, unless the Republicans put up an unacceptable alternative," said Stephen Wayne, professor of government at Georgetown University. A FOCUS ON THE MIDDLE CLASS Before leaving Washington on Friday to join his family for a holiday vacation in his native Hawaii, Obama laid the groundwork for his next round with Republicans in Congress -- and made it clear that his populist theme would continue. He called on Congress to work "without drama, without delay" to extend the payroll tax cuts and unemployment benefits for a full year. And Obama -- who received more than 30,000 responses on Twitter, Facebook and e-mail after asking Americans what they would do with about $40 per biweekly paycheck in savings from the tax cut -- thanked them for writing. The year ahead, he said, would be a "make or break moment for the middle class in this country," making it clear that he would cast himself as their defender. By striking a populist chord to build public support against compromise-resistant House Republicans aligned with the conservative Tea Party movement, Obama ended what essentially was a year-long losing streak. Time after time this year, Obama and Democrats backed down to Republican demands for spending cuts, moves that analysts say had begun to demoralize some Democrats and make Obama appear weak. The glow from this week's success will fade soon, analysts say, unless Obama manages to find new ways to feed his populist narrative. "The memory of any given stand-off between a president and Congress is very, very short," said Ross Baker, a political science professor at Rutgers University in New Jersey.PTC debate will cause massive fightsRobert Pear, staff writer, 12-27-2011, “Payroll tax deal just sets the stage,” Sacramento Bee, Congress handily passed a bill to set payroll tax rates, jobless benefits and Medicare doctors' fees for the next two months, it seemed to end an epic political struggle between President Barack Obama and Republicans on Capitol Hill. In fact, that was just the beginning.Every issue in dispute remains unresolved, waiting to be addressed when Congress returns next month for an election-year session in which agreements could be even more elusive.Payroll Tax Cut = Top Of DocketPTC is Obama’s only focus and it causes massive fightsCarol E. Lee, staff writer, 12-31-2011, “White House Looks to Shrunken 2012 Legislative Agenda,” WSJ, ProQuest.HONOLULU--President Barack Obama heads into 2012 with a legislative agenda that essentially consists of just a single item--a long-term extension of a payroll tax holiday--deferring a fight over deficit reduction and the Bush-era tax cuts and all but giving up on the remaining components of his jobs bill as he pivots to an election-year strategy of attacking Congress. White House spokesman Josh Earnest said extending the payroll tax break through next year, a fight that will consume Congress after lawmakers return to Washington in January, is "the last must-do item of business on the president's congressional agenda." "There are certainly other things that the president would like to do," Mr. Earnest said, adding that Mr. Obama will continue to prod Congress to pass some of his jobs proposals. "But in terms of essential, must-do items, the payroll-tax-cut extension is the last one." Mr. Obama will also step up his use of his executive authority in the New Year, Mr. Earnest said, by announcing at least several new economic initiatives each week. The president's central focus after he returns to Washington next week from a vacation in Hawaii will be on the payroll-tax cut, which has become a catalyst for his 2012 political message. PTC is the top priorityMark Landler, staff writer, 12-31-2011, “Obama to Turn Up Attacks on Congress in Campaign,” NYT, a full-year extension of the payroll tax, Mr. Earnest said, will still be a top priority. He noted that House Republicans were now also arguing that it should be extended for a year, after some initially opposed extending it at all. “There are certainly other things the president would like to do,” Mr. Earnest said, citing other provisions of the jobs bill. “But in terms of essential, must-do items, the payroll tax cut extension is the last one.” No more showdownsMark Knoller, staff writer, 12-31-2011, “Obama's strategy: Staying "above the fray,” CBS, a second-term at stake, President Obama's strategy for 2012 is aimed at avoiding the kind of cliffhanger showdowns with Congress that marked the year just ending. He also plans to expand on his effort to be seen as a warrior for the middle class. "As I've said before, we are at a make-or-break moment for the middle class," Mr. Obama said today in his weekly address on radio and the Internet. Just hours before the start of the New Year, President Obama is promising to do everything he can "to make America a place where hard work and responsibility are rewarded: one where everyone has a fair shot and everyone does their fair share." It's a reiteration of the ideological approach he unveiled December 6 in a speech in Osawatomie, Kansas. "We're going to be doubling-down on our commitment and our message in terms of fighting for the middle class," explains White House Deputy Press Secretary Josh Earnest, who briefed reporters here Thursday on the president's outlook for the New Year. The White House sees Congress as the most unpopular public institution in America - and President Obama will be looking to further distance himself from dealing with it. Portraying Congress as "gridlocked" and "dysfunctional," Earnest said Mr. Obama wants to be seen as a leader "leaving no stone unturned" in pursuit of solutions to the financial and economic challenges facing the country. The White House sees only one "must-do item of business" that President Obama must finish with Congress: Extending the payroll tax cut from two months to all of 2012.Obama Won’t Spend Capital On CybersecurityPlan trades off with PTC not cyber securityWashington Post 12-27-11. Will the payroll tax conference committee be ‘Supercommittee 2.0’?By Felicia Sonmez, Congress reconvenes in January, at the top of its agenda will be an effort by a bipartisan, bicameral group of lawmakers to strike a deal that either finds savings in the federal budget or raises taxes -- or both. Sound familiar? The mandate of the 20 lawmakers tapped to serve on the payroll tax conference committee is somewhat similar to that of the bipartisan “supercommittee” that fell short in its effort to tame the debt this fall. But there are several key differences between the two panels. Below is our comparison of the two committees. Thoughts? Questions? The comments section is open for business. Similarities Mandate: Both panels were charged with finding a minimum amount in budget savings. The 12 members of the supercommittee were told to pinpoint at least $1.2 trillion in deficit savings before a Thanksgiving deadline. The payroll tax conference committee must strike a deal before Feb. 29 on a nearly $170 billion package that extends the payroll tax holiday, unemployment benefits and the “doc fix,” which prevents a drop in reimbursement rates for doctors who see Medicare patients. The new panel is likely to face the same hurdle that has played out in Congress for much of this year – where to cut the budget and where to turn for new revenue. Timing: The supercommittee’s already-tough task was worsened by the conflicting schedules of the House and Senate -- for four weeks in October and November, for instance, both chambers were in session at the same time for only four days. In the latest battle, lawmakers are similarly short on time. The House and Senate are in session at the same time for only four days in January. The President’s Day recess falls the week before the payroll tax extension expires on Feb. 29. So lawmakers have only about three weeks in February to work out an agreement. House Minority Whip Steny Hoyer (D-Md.) told reporters Friday that negotiators could come back to Washington as early as next week to begin working on a deal, but there have been no scheduling announcements.Obama only pushes PTC, not cybersecurityPeter Nicholas, staff writer, 1-1-2012, “Obama's resolution? To limit dealings with Congress,” LA Times, into the new year, President Obama will insist that Congress renew the payroll tax cut through the end of 2012, but will otherwise limit his dealings with an unpopular Congress, and instead travel the country to deliver his reelection message directly to voters, a White House aide said. "In terms of the president's relationship with Congress in 2012 — the state of the debate, if you will — the president is no longer tied to Washington, D.C.," spokesman Josh Earnest said in a news briefing in Honolulu. The assertion is striking given that Obama, as president for nearly three years, is the symbol and personification of the federal government. It also offers a glimpse into an Obama reelection strategy that will target a "do-nothing'' Congress much in the style of Harry S. Truman's reelection campaign in 1948. With most legislative cliffhangers behind him, Obama does not consider the rest of his policy agenda to be a "must-do" for lawmakers, Earnest said. Rather, the White House believes Obama would be well-served by continuing to distance himself from a Congress often blamed for Washington's gridlock and infighting. As the year unfolds, Obama will use executive authority to roll out more initiatives designed to boost the economy and assist struggling families, the White House aide said. Obama has already unveiled 20 such measures under the White House's new slogan, "We can't wait." Earnest said that the White House's goal was to contrast the image of a "gridlocked, dysfunctional Congress" with "a president who's leaving no stone unturned to try to find solutions to the difficult financial challenges and economic challenges facing this country." Obama will also make the case for passage of his $447-billion jobs package, most of which Congress has rejected over the last three months. His jobs plan includes money to keep public workers on the job and rebuild the nation's roads, ports and bridges. But it seems doubtful that he'll push Congress on his jobs plan with the same focus that he brought to the payroll tax cut debate. In late December, Congress agreed to extend the payroll tax cut for two months, following a high-stakes showdown with Obama that delayed his Hawaiian vacation for six days. Nothing else on Obama's menu requires congressional action as urgently as the tax cut, the White House said. If Congress were to let the cut expire at the end of February, tens of millions of Americans would be hit with a tax increase, harming the fragile economic recovery, the White House contends. Earnest said that now that Obama was "sort of free from having to put out these fires, the president will have a larger playing field, as it were. And if that playing field includes working with Congress, all the better. But I think my point is that that's no longer a requirement."Payroll Tax Cut Will Not Be A WinNo compromises – Boehner wont back downThe Economist, 12-31-2011, “Backfiring brinksmen.”The political implications are less clear. Mr Boehner wisely cut his losses early on an issue that was trivial in the scheme of things. Public disenchantment with the tea party has grown, but Republican legislators are unlikely to pay a very high price. David Wasserman of the Cook Political Report reckons all but five of the 60 House Republicans who form the tea-party caucus are in safe districts. Mr Obama will probably find Republicans no more disposed to compromise on taxes or anything else in 2012 than in 2011—starting with January’s negotiations to turn the two-month extension into one lasting the full year.GOP compromise is key – they say no inevitablyMark Thoma, staff writer, 12-31-2011, “Will the Payroll Tax Cut be Extended Through the End of 2012?” Wall Street Pit, Benen doesn’t think there’s a very good chance that the payroll tax cut will be extended through the end of 2012: Enjoy the payroll tax break while it lasts, by Steve Benen: Last week, after a needlessly-contentious process, Congress approved a two-month extension of the payroll tax break. As part of the agreement, a conference committee will try to come up with an agreement to extend the cut through the end of 2012. I’ve been rather pessimistic about the likelihood of success, and yesterday, the odds got worse. The Senate Republican leader announced Friday that he had chosen three of his colleagues to try to thrash out a bipartisan deal on payroll taxes, unemployment benefits and Medicare. The three Republican senators will join four Democratic senators and 13 House members on a conference committee… The newly named Republican conferees are Senators Jon Kyl of Arizona, Michael D. Crapo of Idaho and John Barrasso of Wyoming. These … are three senators you’d appoint to a conference committee if you want to be destructive. Kyl, for example, was instrumental in sabotaging the super-committee process… Crapo and Barrasso, meanwhile, are two far-right senators who’ve never demonstrated any willingness to accept concessions on anything. What’s more, note that the House GOP leadership has already announced its conferees, most of whom have already said they don’t want a payroll-cut extension no matter what concessions Democrats are willing to make… What about the risk of being blamed? Remember,… the process itself offers cover. Instead of last week, when House Republicans became the clear villains,… the party will find it easier to spread the blame around. “It’s not our fault,” GOP leaders will say. “We tried to work with Democrats on a deal, but one didn’t come together. Oh well.”… and the media would feel obligated to say “both sides” failed to reach an agreement.Appointments Will Drain Political CapitalFuture fights on appointments are inevitableDavid Stout, staff writer, 1-6-2012, “ Obama’s ‘Recess’ Appointments Ignite Fight With Huge Implications,” Main Justice, Barack Obama’s decision to appoint Richard Cordray as head of a new consumer-protection agency and install three members on the National Labor Relations Board while the Senate was in recess — if it was — didn’t just set off a political food fight. It may have ignited a battle with constitutional implications. “The decision to install the four nominees without Senate approval under the constitutional provision for making appointments when lawmakers are in recess was a provocative opening salvo in Mr. Obama’s re-election strategy of demonizing Congress,” The New York Times noted the other day. “It threatened to ignite a legal challenge and left Republicans fuming that the president was abusing the recess privilege.” The move didn’t just leave the Republicans fuming. As Charlie Savage of The Times wrote, it raised basic questions of what constitutes a “recess.” Members of the Senate, who jealously guard their powers and prerogatives, don’t consider themselves in recess. Indeed, over the holidays a few members have strolled in to the chamber to wield the gavel, signifying that the body is definitely not in recess. But that pro forma exercise isn’t enough, the White House contends. “Can the Senate, through form, render a constitutional power of the executive obsolete?” Kathryn Ruemmler, the president’s White House Counsel, said in an interview with Savage. “Our view is that the answer to that question is clearly no.” Senate Democrats originally hatched the idea of holding pro-forma sessions to block George W. Bush’s recess appointments. But Senate Republicans – the minority in the chamber – have taken the move a step further. Republicans are citing a clause in the Constitution to justify their ability to keep the Senate in pro-forma session, even though Democrats control the chamber. That clause in Article 1 of the Constitution requires each House of Congress to consent to the adjournment of the other if no business will be conducted for more than three days. Republicans control the House and have not agreed to adjourn. As Main Justice reported when Ruemmler was named the White House counsel last June, Obama described her as a lawyer “with impeccable judgment.” She was the Principal Associate Deputy Attorney General, the No. 2 person in the Deputy Attorney General’s office, from January 2009 until she moved to a deputy’s job in the White House counsel’s office in January 2010. She also served as associate counsel to President Bill Clinton in 2000 and 2001 and was a DOJ trial attorney on the Enron task force. Predictably, the Senate Republican minority leader, Mitch McConnell of Kentucky, disagreed with Ruemmler, asserting that Obama had “arrogantly circumvented the American people.” McConnell added that the move “fundamentally endangers” Congress’s ability to be a check on the executive branch. But Massachusetts Sen. Scott Brown, a Republican expected to face a tough re-election challenge this year from the consumer protection agency’s godmother Elizabeth Warren, called the nominating system “completely broken” in supporting the move. It’s virtually certain that the dispute will boil after Congress returns to the Capitol, as Josh Gerstein observed in Under the Radar. Gerstein said the White House wouldn’t say if it relied on an opinion from the Department of Justice’s Office of Legal Counsel before making the appointments. Sen. Charles E. Grassley of Iowa, ranking Republican on the Senate Judiciary Committee, accused Obama of “ignoring the longstanding advice” of the OLC that an adjournment of “five or even 10 days” would not be sufficient for a recess appointment, Gerstein reported. Grassley said he will press the DOJ for that opinion, if it exists. And Todd Gaziano, who worked in the OLC under several presidents years ago and is now director of the Center for Legal and Judicial Studies at the conservative Heritage Foundation, called Obama’s move “a tyrannical abuse of power” and “quite shocking” in a blog posting, as Savage noted. Main Justice readers may remember Gaziano for his role at the U.S. Commission on Civil Rights, where he led the racially tinged New Black Panther Party voting rights investigation aimed at the Barack Obama Justice Department. The coming weeks seem likely to foment more bitterness over the recess appointments (if that’s what they were) between the White House and Senate Republicans. Will it all be forgotten on Inauguration Day, a little over a year from now? Or will Richard Cordray’s name live on in the history of the law, as William Marbury’s has since the early days of the Republic?Appointments cause political nuclear warTim Mak, staff writer, 12-26-2011, “It's World War III at the NLRB,” Politico, , the House of Representatives has refused to sign off on allowing the Senate to go into recess, meaning that Obama has not been able to make a traditional recess appointment to the NLRB or other agencies where Republicans have declined to confirm nominees. In a letter sent on Dec. 19, all 47 Senate Republicans urged the president not to make a recess appointment to the NLRB during the short mandatory adjournment of the Senate in between sessions of Congress. “There would be nuclear war over the president redefining what a recess appointment is,” since presidents have traditionally not made recess appointments without an extended recess, said Fred Wszolek of the business-oriented Workplace Fairness Institute. “It would be incredibly controversial [to recess appoint]. I expect he won’t do that,” said Randy Johnson, the Senior Vice President for labor issues at the U.S. Chamber of Commerce. “The president needs to reach out to the business community to talk about candidates, and maybe we can come up with a package.” Regardless of the course of action the president chooses to take, it is sure that the NLRB will remain a topic of controversy in 2012. “Whether or not the board continues to [maintain a quorum], there is going to be extreme tension between Congress and the president – a lot of fighting – as Congress is now emboldened to attack the labor board, as they have been doing in recent months,” said Gould, pointing out that although Republicans did not confirm Clinton’s nominees in the 1990s, they did at least allow him to make recess appointments.Cyberterrorism Won’t HappenNo cyberterror – doesn’t achieve terrorists’ goals and they can’t cause enough damage to trigger their impactsAustin Smith and Laurenne Wallman, writers for UPI, 10-11-2011, “Terrorists yet to turn to cyberattacks” expert James Lewis, of the Center for Strategic and International Studies, said in a telephone interview that causing physical damage and devastation using the Web is far more complicated than the minor attacks terrorist groups may be able to launch. "They are looking for a splashier event," Lewis said. "They want explosions and things that will play well on the nightly news. Making the traffic lights blink on and off might not do that for them."No cyberterror – groups don’t have internal knowledgeAustin Smith and Laurenne Wallman, writers for UPI, 10-11-2011, “Terrorists yet to turn to cyberattacks” said that U.S. infrastructure is no better protected than the reactor in Iran was but that terrorist groups aren't likely to have the resources to gain the internal knowledge they would need to infiltrate U.S. systems. "It's actually a lot harder not because of the technical component, but because of the amount of intelligence required to do it properly," said Allan Friedman of the Center for Technology Innovation at the Brookings Institution, a nonpartisan Washington think tank. Liam O Murchu, of Symantec Corp., a California software security company, said, Stuxnet "has shown us that you can write a piece of software that will be able to change how a factory works." To replicate a similar attack -- one focused on a particular target -- would require precise insider intelligence and millions of dollars.No evidence that groups could pull off attacks – all hypeStuart Fox, Assistant Editor of InnovationNewsDaily, 7-2-2011, “Why Cyberwar Is Unlikely” "One day we're going to wake up and find that Al Qaeda or one of these more extreme groups will get this capability. That's what I worry about," Lewis said. "They don't have this capability now. There’s some indication that they know about the black market. But it's like them trying to acquire any other advanced weapon system." But so far, there's no evidence that any terrorist group plans on launching a cyberattack against the U.S. In fact, there's not really any evidence that any country plans on initiating cyberwar against any other country in the near future.Cyberterrorism Would Not Have An ImpactNo impact to cyber terrorism – never an attack, don’t have the ability, infrastructure is resilientGabriel Weimann, senior fellow at the USIP and Comm Prof, December 2004, Cyberterrorism: How Real Is the Threat?Amid all the dire warnings and alarming statistics that the subject of cyberterrorism generates, it is important to remember one simple statistic: so far, there has been no recorded instance of a terrorist cyberattack on U.S. public facilities, transportation systems, nuclear power plants, power grids, or other key components of the national infrastructure. Cyberattacks are common, but they have not been conducted by terrorists and they have not sought to inflict the kind of damage that would qualify them as cyberterrorism. When U.S. troops recovered al Qaeda laptops in Afghanistan, officials were surprised to find its members more technologically adept than previously believed. They discovered structural and engineering software, electronic models of a dam, and information on computerized water systems, nuclear power plants, and U.S. and European stadiums. But the evidence did not suggest that al Qaeda operatives were planning cyberattacks, only that they were using the Internet to communicate and coordinate physical attacks. Neither al Qaeda nor any other terrorist organization appears to have tried to stage a serious cyberattack. For now, the most damaging attacks and intrusions, experts say, are typically carried out either by disgruntled corporate insiders intent on embezzlement or sabotage or by individual hackers—typically young and male—seeking thrills and notoriety. According to a report issued in 2002 by IBM Global Security Analysis Lab, 90 percent of hackers are amateurs with limited technical proficiency, 9 percent are more skilled at gaining unauthorized access but do not damage the files they read, and only 1 percent are highly skilled and intent on copying files or damaging programs and systems. Most hackers, it should be noted, concentrate on writing programs that expose security flaws in computer software, mainly in the operating systems produced by Microsoft. Their efforts in this direction have sometimes embarrassed corporations but have also been responsible for alerting the public and security professionals to major security flaws in software. Moreover, although there are hackers with the ability to damage systems, disrupt e-commerce, and force websites offline, the vast majority of hackers do not have the necessary skills and knowledge. The ones who do, generally do not seek to wreak havoc. Douglas Thomas, a professor at the University of Southern California, spent seven years studying computer hackers in an effort to understand better who they are and what motivates them. Thomas interviewed hundreds of hackers and explored their "literature." In testimony on July 24, 2002, before the House Subcommittee on Government Efficiency, Financial Management and Intergovernmental Relations, Thomas argued that "with the vast majority of hackers, I would say 99 percent of them, the risk [of cyberterrorism] is negligible for the simple reason that those hackers do not have the skill or ability to organize or execute an attack that would be anything more than a minor inconvenience." His judgment was echoed in Assessing the Risks of Cyberterrorism, Cyber War, and Other Cyber Threats, a 2002 report for the Center for Strategic and International Studies, written by Jim Lewis, a sixteen-year veteran of the State and Commerce Departments. "The idea that hackers are going to bring the nation to its knees is too far-fetched a scenario to be taken seriously," Lewis argued. "Nations are more robust than the early analysts of cyberterrorism and cyberwarfare give them credit for. Infastructure systems [are] more flexible and responsive in restoring service than the early analysts realized, in part because they have to deal with failure on a routine basis."No cyber terrorism – no attack yet, US defense is air-gapped, companies have proven resilient, hackers have no political goals and won’t cooperate with terroristsGabriel Weimann, senior fellow at the United States Institute of Peace and professor of communication at the University of Haifa, Israel, Cyberterrorism: How Real Is the Threat?, December 2004It seems fair to say that the current threat posed by cyberterrorism has been exaggerated. No single instance of cyberterrorism has yet been recorded; U.S. defense and intelligence computer systems are air-gapped and thus isolated from the Internet; the systems run by private companies are more vulnerable to attack but also more resilient than is often supposed; the vast majority of cyberattacks are launched by hackers with few, if any, political goals and no desire to cause the mayhem and carnage of which terrorists dream. So, then, why has so much concern been expressed over a relatively minor threat?AT: Al Qaeda Can Do CyberattackAl Qaeda is getting wrecked – worst year everClint Watts, former Executive Officer of the Combating Terrorism Center at West Point, 1-2-2012, “Al Qaeda 2012,” Selected Wisdom, Qaeda is not dead yet, but it’s not nearly as strong as it was one year ago. Al Qaeda encountered its worst year ever in 2011 losing countless key leaders in Pakistan, Yemen and Somalia. Meanwhile a host of Arab revolutions unseated dictators long labelled by al Qaeda as apostate tools of the West. Al Qaeda played no part in these 2011 uprisings and gained a host of Islamist group competitors in the aftermath of these revolutions . Thus, 2012 will constitute al Qaeda’s sink or swim year. Al Qaeda must transform and reinvigorate its base of support or will likely be crowded out by the advances of alternative Islamist groups taking control of Arab governments.US has won – internal Al Qaeda chatter. Benjamin Friedman, research fellow at Cato for Defense and Homeland Security Studies, 7-7-2011, “Al Qaedas Mythical Unity,” Cato, lnThe mythical al Qaeda is a hierarchical organization. After losing its haven in Afghanistan, it cleverly decentralized authority and shifted its headquarters to Pakistan. But central management still dispatches operatives globally and manages affiliates according to a strategy. The real al Qaeda is a fragmented and unmanageable movement. In the 1990s, it achieved limited success in getting other jihadists to join in attacking the West. It was not managerial innovation but the U.S. invasion of Afghanistan and other governments pressures that destroyed the limited hierarchy al Qaeda Central had achieved. Its scattered remnant in Pakistan controls little locally and less abroad. The leaders have cachet but lack the material incentives that real managers distribute to exercise authority. Al Qaeda became bunches of guys with diminished capability.* The myth is destructive to counterterrorism. Because tightly-run organizations are better at mass violence than disparate movements, the myth creates needless fear that encourages overly ambitious and expensive policies, like the war in Afghanistan. The myth increases the number of enemies we face, taking focus from real ones. Most jihadist militants hate Americans but don’t try to kill us. They fight locally. Attacking them risks making them into what we fear they are and stoking nationalistic resentment that increases their popularity. My anecdotal sense is that events since 9/11 have increasingly brought commentators around to truth. Even so, the media, for simplicity’s sake, tends towards the myth. And the Obama administration, despite improving upon its predecessors absurdly broad definition of our terrorist enemies, still overstates al Qaeda Centrals unity and control of affiliates. More importantly, U.S. policies still pay insufficient attention to the distinction among various al Qaeda entities. Here are three recent examples of this rhetorical error and its consequences: (1) Since bin Ladens death, U.S. officials, analysts, and pundits have claimed that the cache of emails found in his compound contradict recent intelligence reports downplaying his control. The emails, we are told, show that he was still running the show and that al Qaeda Central remained potent. Last week, however, McClatchy quoted more anonymous officials suggesting that to al Qaeda types in Pakistan and beyond, bin Laden was like a cranky old uncle that you respectfully listen to and ignore. The Washington Post reported that the emails show al-Qaeda leaders in Pakistan complaining about depleted funds, declining popularity, and CIA drones decimating their ranks. The White House seems conflicted about which view of al Qaeda to take. It commendably wants to belittle al-Qaeda, robbing it of mystique by portraying bin Laden as pathetic and weak. On the other hand, it needs the threat of a powerful al-Qaeda to justify the war in Afghanistan and other controversial policies. (2) Media reports often give the impression that al Qaeda in the Arabian Peninsula (AQAP) are the core of the militant group (Ansar al-Sharia) revolting in Yemens south. The implication is al Qaeda could soon control territory for the first time. Too little attention is given to the uncertain role AQAP plays among Yemen’s militants and its limited ties to al-Qaeda Central. Bin Laden apparently asked AQAPs leader to attack Americans rather than gathering territory locally, suggesting that its commitment to attacking us may be limited. The point is not that we should ignore al Qaeda terrorists in Yemen. But uncertainty about their role in Yemen and intent cautions against undifferentiated assaults on their leaders, let alone those of Ansar al-Sharia.Cybersecurity Legislation FailsToo antiquated and punishes the victimUPI, 10-16-2011, “Critic slams Obama's cybersecurity plan,” UPI, , Aug. 16 (UPI) -- The White House cybersecurity plan does little to improve conditions and misguidedly focuses on punishing attack victims, a critic says. Internet Security Alliance President and Chief Executive Officer Larry Clinton said the plan, announced in May, is antiquated and not adequately adaptive for today's cybersecurity environment, The Hill reported Tuesday. "They are fighting the last war," Clinton says in an upcoming episode of C-SPAN's "The Communicators." "The model they are using for dealing with the private sector is largely antiquated." The White House plan calls for the Department of Homeland Security to develop cybersecurity standards in partnership with private companies deemed "critical infrastructure." Those companies would then face public security audits if they failed to comply with the standards, The Hill said. "This is a punitive model where we're trying to blame the victims of the attack," Clinton said, calling the approach "name and shame." "I don't think that the administration's proposal really does anything that I can see to enhance cybersecurity."Cybersecurity legislation would fail – congress doesn’t know how to write the lawParham Eftekhari, Government Technology Research Alliance, 8-2-2011, “The Problem with Cybersecurity Legislation,” good news is that this year alone we have seen over 50 pieces Cybersecurity legislation proposed to Congress (although I’m not sure when they are finding time to act on them given all the partisan bickering that has been going on… but that’s for the Washington Post to talk about). This sharp uptick shows that at long last, even politicians are starting to realize the importance of Cybersecurity and are making it part of their agenda. While this trend is promising, the reality is that existing laws are for the most part ineffective in actually preventing, combating or prosecuting cybercrime. Among the reasons why: 1. Lawmakers are having trouble keeping up with the pace of technology 2. Legislative lifecycles and the speed at which technology is being adopted means that laws are often outdated as soon as they are passed 3. State and sector-specific laws create a compliance nightmare for solution providers and use up limited resources 4. No general consensus on who is accountable for data breaches in the Cloud While these challenges are broad and difficult to overcome, it is not impossible to do. To start with, it is imperative that legislators tap into highly qualified and forward-thinking Cybersecurity experts from industry, government and academia to fundamentally change the way in which laws are written and how they govern. The book will make some recommendations which I don’t want to give away just yet, but they involve changing the jurisdiction of laws, moving the focus of the laws away from the technology, and providing incentives for collaboration. ................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related download
Related searches
- west coast surgical associates
- west coast college west covina
- west coast university irvine jobs
- costa rica west coast map
- florida west coast colleges and universities
- map of west coast of florida
- west coast satellite loop
- west coast radar
- west coast usa weather radar
- west coast doppler radar
- west coast weather map forecast
- west coast satellite