The Department of Homeland Security wants to overhaul a controversial Obama-era program focused on identifying industrial facilities where a cyber attack would have catastrophic consequences.
But industry is worried that the government will go about it the wrong way.
“Section 9” of former President Obama’s first cybersecurity executive order, issued in 2013, called for identifying specific entities where a cyber attack could lead to extensive death and injury or major economic turmoil.
The list has been a closely guarded secret since it was compiled five years ago, and the process for being designated a “Section 9-a” entity was initially controversial. Industry groups feared everything from specific new regulations to possibly being singled out for attack if adversaries got ahold of the list.
Those concerns have ebbed over the years, but industry sources, congressional aides and former Obama administration officials are calling for care and close collaboration in any effort to update Section 9, including the proposal in the report to create a specific new program office at DHS.
Such an office could…
