CIAO DATE: 12/2010
December 2010
Center for Strategic and International Studies
The absence of consensus, and therefore of policy, on how to balance privacy with the need for government cybersecurity measures, has led many to contemplate intelligence oversight practices as a possible model for oversight in the cybersecurity realm. Reliance on intelligence privacy oversight practices for cybersecurity might allow us to duck the hard work of developing appropriate cybersecurity policy, but it would not in the end further cybersecurity for the nation. A better approach would be to adopt the purely structural aspects of Executive Order 12333, developing a parallel executive order tailored to the distinct goals and operational drivers of cybersecurity. Such a document would establish basic guidelines for policy governing cyber mission, frame cybersecurity oversight processes, and mandate the development and approval of procedures to implement them.
Resource link: Oversight for Cybersecurity Activities [PDF] - 542K