"Leaving business to its own compliance regimes has put the nation at risk," he added. "This is one of those cases where government involvement is necessary. Any more hands-off behavior will be pure negligence."
That position is shared by James Lewis, director and senior fellow at the Center for Strategic and International Studies in Washington. "I think they need an [executive order]," Lewis said. "Congress is fouled up and the private sector will not provide adequate security."
Lewis is among those who developed a set of cybersecurity recommendations for the Obama Administration four years ago.
Critics, though, fear that such an order will result in unnecessary government involvement in commercial cybersecurity matters. Those opposed to the plan say any Obama order will introduce little that hasn't been in place for years. In a highly charged election year, many have been quick to point to the move as an example of a White House trying to run things through mandate rather than via the legislative process.
"The draft executive order is toothless and will do nothing to improve the security of critical infrastructure, while adding to the confusion and burden," said Richard Stiennon, chief research analyst at IT Harvest.
In a Washington Post editorial last week, Sen. John McCain (R-Ariz) and two other senators who sponsored a Republican alternative to the Cybersecurity Act, slammed the idea of an executive order. "Unilateral action in the form of government mandates on the private sector creates an adversarial relationship instead of a cooperative one," the senators wrote. "Skirting congressional action by issuing an executive order is neither appropriate nor effective."
The senators went on to tout the Republican bill as a better alternative to the Cybersecurity Act.
The Heritage Foundation, a conservative policy and research analysis group, has a similar view. "We are a country that works through a legislative process. The idea that a President can trump a legislative proves just because things haven't worked out the way he wanted, is not good," said Paul Rosenzweig, a visiting fellow at the foundation.
For Gartner analyst John Pescatore, the biggest problem with an order is that it brings nothing new by way of standards or controls. Pescatore said the best way to improve security is by leveraging the government's enormous buying power.