In the world of cybersecurity, all eyes are on the White House as experts speculate on President Obama’s plans to issue an executive order to secure the cyber sector by administrative fiat.
Yet, according to drafts circulating Washington, Obama’s executive order wouldn’t be focused on cybersecurity alone. Instead, the Administration’s actions may be expanded to critical infrastructure as a whole.
As Heritage’s Steven Bucci put it, most of the order appears to be crafted to “seem as vanilla as possible.” Unsurprisingly, the draft doesn’t seem to offer much in terms of meaningful policy. One major point, however, is worthy of attention: the fact that the Administration apparently plans to scrap the National Infrastructure Protection Plan (NIPP) and start anew.
First issued in 2006, the NIPP describes the main roles and responsibilities of the federal, state, and local governments—as well as the private sector—in protecting the nation’s critical infrastructure. Currently the NIPP identifies 18 critical infrastructure sectors, including agriculture and food, banking, communications, and energy, providing a sector-specific protection plan for each.
The NIPP was due for review this year, and certainly there are areas for improvement. Revisions during the last review process in 2009 made only limited progress. While the NIPP rightfully adopts an “all-hazards” approach to critical infrastructure protection, it still fails to take a truly risk-based approach and instead overuses the “criticality” label.
Yet rather than working within the prescribed review and revision process, the Administration would scrap the plan all together. Key revisions are needed, but planning for the sake of planning will only create unneeded bureaucracy and stymie security efforts. A document like this would eat up enormous amounts of time and effort within the Administration and, at the end of the day, accomplish little.
This wouldn’t be the first time we’ve seen the Obama Administration take backwards steps in homeland security preparedness, either. In April of last year, the Administration released Presidential Policy Directive-8 (PPD-8), which claimed to update national preparedness policy. PPD-8, however, seemingly failed to recognize much of the efforts of the past seven years. As Heritage wrote in describing the effort:
Attempting to recreate the wheel in terms of preparedness policy is a waste of resources. The Obama Administration should instead seek to build upon prior work and act as a better integrator of nation-wide efforts to prepare for catastrophic disaster.
Indeed, something similar can be said about any effort to rewrite the NIPP today.
The federal government needs less planning and more doing.