The White House video feed of the State of the Union address.

President Obama urged Congress in his State of the Union address to pass legislation to better meet the evolving cyberthreat, but spent very little of the speech explaining its dangers or detailing his cybersecurity legislative agenda.

See Also: Investigative Analytics: Velocity to Respond

Indeed, of the 6,766 words in the Jan. 20 address, only 113 dealt with cybersecurity:

"No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets or invade the privacy of American families, especially our kids. So we're making sure our government integrates intelligence to combat cyberthreats, just as we have done to combat terrorism.

"And tonight, I urge this Congress to finally pass the legislation we need to better meet the evolving threat of cyber-attacks, combat identity theft and protect our children's information. That should be a bipartisan effort. If we don't act, we'll leave our nation and our economy vulnerable. If we do, we can continue to protect the technologies that have unleashed untold opportunities for people around the globe."

NSA Spying Report Coming

That's all the president said on his cybersecurity agenda. However, when addressing the battle against terrorism, the president referenced the National Security Agency's bulk-collection program.

"As Americans, we cherish our civil liberties, and we need to uphold that commitment if we want maximum cooperation from other countries and industry in our fight against terrorist networks," Obama said. "So while some have moved on from the debates over our surveillance programs, I have not. As promised, our intelligence agencies have worked hard, with the recommendations of privacy advocates, to increase transparency and build more safeguards against potential abuse. And next month, we'll issue a report on how we're keeping our promise to keep our country safe while strengthening privacy."

During the address, when he proposed action on his cybersecurity legislative package, members of Congress from both sides of the aisle gave Obama a standing ovation. Unlike immigration or tax reform, cybersecurity is an area where Republicans, who control both houses of Congress, and the Democratic president have general agreement, although they've differed on the details of the legislation.

Time Doesn't Equate Significance

Administration officials in the past have said that mere mention of cybersecurity in the State of the Union address signifies its importance as a White House priority and cautioned against equating the amount of time devoted to the topic in the speech with its significance.

In fact, the president's actions in recent days demonstrate his commitment to get Congress to enact his cybersecurity legislative agenda. Obama spent a good part of the previous week promoting his cybersecurity agenda, which includes encouraging businesses to share cyberthreat information with the government and other businesses and nationalizing data breach notification.

The new chairman of the House Intelligence Committee applauded Obama's acknowledgement for the need of cyberthreat sharing legislation. "Although the House of Representatives passed a cybersecurity bill in the last Congress, our efforts died in the Senate amid a presidential veto threat," said Rep. Devin Nunes, R-Calif. "So I welcome the President's recognition tonight of the urgent need for legislation to counter the growing menace of cyberattacks."

Privacy and Liability Protections

The White House twice threatened to veto the House-passed Cyber Intelligence Sharing and Protection Act, known as CISPA, because it contended that it didn't provide enough privacy protection to citizens' data and offered too broad of liability protections to businesses. A senior administration official said in a briefing last week that the president's proposal would offer targeted liability protection to businesses that share cyberthreat information. The president's plan also would safeguard Americans' personal privacy by requiring businesses to comply with certain privacy restrictions, such as removing unnecessary personal information and taking measures to protect any personal information that must be shared, in order to qualify for liability protection.