Obama vs. Romney on cybersecurity

In their respective platforms, the Republicans and Democrats each briefly touch on what they both describe as a paramount threat facing the U.S.: cybersecurity. In keeping with the partisan divides that prevented lawmakers from passing cybersecurity legislation this year, each side offers a different – but decidedly familiar – take on the issue.

While neither party goes in-depth in its platform summary addressing cybersecurity, they both include plans that include basic tenets that were part of  cybersecurity bills that failed in Congress. While there isn’t much in the way of cyber-policy revelations, there are hints of action that could come – including a possible executive order.

The platforms include a handful of similarities: Both sides recognize the significance of the issue, the importance of collaboration within government and with industry, and the need for investment in cyber research and development.

Like proposed legislation that came before, that’s about where the parallels end.

The Republicans call for a hands-off approach that echoes the SECURE IT Act championed by Sen. John McCain (R-Ariz.) earlier this year. The emphasis is on the public and private sectors working together, allowing for “the free flow of information” between network managers and the within industry. It also places the onus on the government to better protect their own systems.

The GOP platform also takes swipes at the current cybersecurity policies, saying that the Barack Obama administration is “overly reliant on the development of defensive capabilities and has been unsuccessful in dissuading cyber-related aggression.” The Republican plank criticizes Obama’s approach as “costly and heavy-handed” and says it will “increase the size and cost of the federal bureaucracy and harm innovation in cybersecurity.”

On the other hand, the Democrats’ platform notes some of the cybersecurity steps taken in Obama’s term, and includes vows to continue by investing in research and development, promoting awareness and strengthening public-private partnership.

“The President and the administration have taken unprecedented steps to defend America from cyber attacks, including creating the first military command dedicated to cybersecurity and conducting a full review of the federal government's efforts to protect our information and our infrastructure,” the Democrats’ platform states.

The platform also notes that “going forward, the president will continue to take executive action to strengthen and update our cyber defenses.”

Many, including cybersecurity expert Jim Lewis, say the statement is a strong suggestion of an executive order in the works.

Lewis, director and senior fellow at the Center for Strategic and International Studies, said a presidential directive from Obama likely would aim to compensate for the Congress’s failure to pass legislation protecting critical infrastructure.

But which party’s approach would be more effective? Lewis had criticism for both sides, noting that neither offers any novel ideas.

“The Democratic plank says the right things; it just doesn't say anything new other than the [executive order] hint. The Republican plank also doesn't say anything new, but we know what they propose won't work,” Lewis said, noting that the Republican references to deterrence and information-sharing, among others, are particularly troublesome.

“Cyber deterrence doesn’t work. This is a creaky retread from the Cold War,” he said. As for voluntary information-sharing, central to the Republican approach, “it’s legislation, not regulation, that blocks sharing, and Congress failed to fix it.”

But the Democratic approach could be costly – and not necessarily effective, given the government’s notorious bureaucracy and the rapidly evolving nature of cyber.

“The Democratic platform calls for greater government engagement and involvement, but the imposition of mandates would be less effective because the government is not nimble enough to regulate in this area,” said Paul Rosenzweig, visiting fellow at the Heritage Foundation. “How much would the Democratic platform cost? Nobody knows. The Democrats couldn’t tell you before when [the bipartisan Cybersecurity Act of 2012] was being considered, and the same questions are being asked now.”