<b><i>Online Extra</b></i>White House Offers Incentives for Cybersecurity Program

President Barack Obama's administration has drafted a potential recipe for sweetening its voluntary corporate cybersecurity program. The program is under development at the White House and is aimed at utility companies and other businesses that are key to U.S. infrastructure.

The White House on August 6 revealed possible incentives it may use to bring critical infrastructure companies into the program, which would encourage the development of capabilities to mitigate cyber risk. The potential enticements include cybersecurity insurance through agencies, reduced tort liability, easier access to federal grants and technical assistance, public recognition, and utility rate adjustments to help offset cybersecurity investments.

“Over the next few months, agencies will examine these options in detail to determine which ones to adopt and how, based substantially on input from critical infrastructure stakeholders,” Michael Daniel, the White House's top cybersecurity adviser, wrote in a blog post announcing the incentives. “We believe that sharing the findings and our plans for continued work will promote transparency and sustain a public conversation about the recommendations. Publishing these agency reports is therefore an interim step and does not indicate the Administration's final policy position on the recommend actions.” See, “Incentives to Support Adoption of the Cybersecurity Framework,” The White House Blog.

The cybersecurity program is slated to launch after the Obama administration releases in February 2014 a final framework of key practices to address cyber risk. A draft version of the framework is expected in October of this year.

Jamie Barnett, co-chairman of Venable's telecommunications group and a partner in the firm's cybersecurity practice, said the incentives are positive. But he said the White House should consider tax incentives, as well as its constraints on liability limitation without legislation.

President Obama in February signed an executive order to develop the cybersecurity program and create incentives to make critical infrastructure companies a part of it. See, “Executive Order ' Improving Critical Infrastructure Cybersecurity.” The order came after cybersecurity legislation stalled last year. Congressional Republicans were worried the legislation would create new government regulations for companies, while Democrats worried about privacy concerns. Senate Homeland Security and Governmental Affairs Committee Chairman Tom Carper (D-DE) and other lawmakers have filed cybersecurity bills again this year.

Andrew Ramonas is a Reporter for Corporate Counsel, an ALM affiliate of Internet Law & Strategy.

President Barack Obama's administration has drafted a potential recipe for sweetening its voluntary corporate cybersecurity program. The program is under development at the White House and is aimed at utility companies and other businesses that are key to U.S. infrastructure.

The White House on August 6 revealed possible incentives it may use to bring critical infrastructure companies into the program, which would encourage the development of capabilities to mitigate cyber risk. The potential enticements include cybersecurity insurance through agencies, reduced tort liability, easier access to federal grants and technical assistance, public recognition, and utility rate adjustments to help offset cybersecurity investments.

“Over the next few months, agencies will examine these options in detail to determine which ones to adopt and how, based substantially on input from critical infrastructure stakeholders,” Michael Daniel, the White House's top cybersecurity adviser, wrote in a blog post announcing the incentives. “We believe that sharing the findings and our plans for continued work will promote transparency and sustain a public conversation about the recommendations. Publishing these agency reports is therefore an interim step and does not indicate the Administration's final policy position on the recommend actions.” See, “Incentives to Support Adoption of the Cybersecurity Framework,” The White House Blog.

The cybersecurity program is slated to launch after the Obama administration releases in February 2014 a final framework of key practices to address cyber risk. A draft version of the framework is expected in October of this year.

Jamie Barnett, co-chairman of Venable's telecommunications group and a partner in the firm's cybersecurity practice, said the incentives are positive. But he said the White House should consider tax incentives, as well as its constraints on liability limitation without legislation.

President Obama in February signed an executive order to develop the cybersecurity program and create incentives to make critical infrastructure companies a part of it. See, “Executive Order ' Improving Critical Infrastructure Cybersecurity.” The order came after cybersecurity legislation stalled last year. Congressional Republicans were worried the legislation would create new government regulations for companies, while Democrats worried about privacy concerns. Senate Homeland Security and Governmental Affairs Committee Chairman Tom Carper (D-DE) and other lawmakers have filed cybersecurity bills again this year.

Andrew Ramonas is a Reporter for Corporate Counsel, an ALM affiliate of Internet Law & Strategy.