The industry-based Internet Security Alliance is pressing the White House to issue a presidential order to streamline regulatory requirements for cybersecurity, hoping to build on recent Trump administration initiatives.
“The White House has been increasing its focus on cybersecurity including by issuing the recent executive order on America’s cybersecurity workforce, which recognized that the nation had too few cybersecurity experts to confront growing threats,” writes ISA’s Dan Lips in a blog post Wednesday.
Lips posted the item to coincide with the National Governors Association’s cybersecurity summit in Louisiana this week. State officials there were raising concerns about the regulatory burdens in dealing with the federal government’s cybersecurity requirements.
He cites state officials at the NGA meeting who “highlighted examples from other state CIOs about the burden complying with federal agency regulations, which in some cases provide differing guidance. For example, the IRS, FBI, and Social Security Administration ‘have three different standards for many aspects of security including the rule that governs successful login attempts,’” Lips quotes a state official saying.
“Facing this persistent threat, the public would likely hope that federal and state governments are working side-by-side to stop and deter adversaries,” Lips wrote. “But too often state cybersecurity officials are dedicating scarce resources to complying with differing federal regulations to administer government programs.”
Lips is likely trying to capitalize on the White House’s anti-regulatory stance which has included a government-wide freeze on additional requirements.
“We cannot afford to waste scarce resources on unnecessary bureaucratic compliance,” Lips wrote, adding: “Regulatory harmonization should be next on the White House’s list.”