Cyber villains aren't waiting
From the perspective of the technology industry, all this political bickering comes across as dangerously parochial. The Internet, after all, knows no geographic borders, and the bad guys are all too willing to take advantage of the nationalist tunnel vision that all countries exhibit, including the U.S. While the government bickers over whether the Department of Homeland Security or the Department of Defense should take the lead in cyber security, villains unknown are planning...well, we don't really know what they're planning, do we?
By calling for greater protection for critical infrastructure such as power plants and water treatment plants via better communication between private industry and government, President Obama is doing all he can, given Congressional intransigence. Even if the President gets what he's asking for, though, there's still a serious concern that it won't be enough, since there's no way to know if an attacker is targeting the critical infrastructure on the President's list.
After all, there are many different types of potential attackers with many different possible motives. Whether they are cyber criminals interested in financial gain, countries such as Iran or China mounting cyber espionage attacks, intellectual property thieves focusing on industrial espionage, or terrorists interested more in wreaking havoc than on any particular target, no single line of defense is sufficient. Furthermore, a cyber attacker might be a country, a company, a decentralized group of hackers (potentially spanning several countries) or even a single individual.
Their potential targets are similarly varied. A single, high-value target such as a power plant may come under attack, but protecting such infrastructure is an obvious priority. The result is that such attacks are difficult to mount, and thus are likely to be relatively rare. Far more common are attacks of convenience. Just as a burglar will avoid houses with alarm signs and instead seek homes with overgrown lawns sporting piles of newspapers, cyber criminals don't really care whose money they steal. Most dangerous of all are the random terrorist attacks that are simply looking to cause mayhem.
Let's also avoid the mistake of assuming that all cyber targets are technology targets. Perhaps the most effective cyber attacks have psychological targets that outstrip the intrinsic technology value of the target. For example, an attacker may not be able to take down Hoover Dam, but what if he could hack the Mars Rover Curiosity? The result would be outrage dismay, and anger-which may in fact be the intended goal all along.