Obama signs cybersecurity executive order
President Obama today signed an executive order to improve the nation's cybersecurity, by enabling the government to share more information with private industry partners and developing a new framework of practices to reduce cybersecurity risks.
Cyberthreats, including cyber-espionage, are an increasing concern for both the government and the private sector, and today's executive order is the government's latest move to respond to the threat. It's also one of the ways Mr. Obama is expected to take action this year without the help of Congress.
The executive order establishes new information sharing between the private and public sectors, providing classified and unclassified threat information to U.S. companies. It requires federal agencies to produce unclassified reports of threats to U.S. companies and requires the reports to be shared in a timely manner. It also opens up a real-time information sharing program, currently open to the defense industry, to other sectors.
- Chinese cyberattacks prompt U.S. to beef up Pentagon security
- Wall Street Journal: Chinese hacked us, too
The order also directs the National Institute of Standards and Technology (NIST), a federal agency, to develop a new cybersecurity framework to reduce cyber risks to critical infrastructure. It calls on agencies to incorporate privacy and civil liberties safeguards, based in part on the Fair Information Practice Principles, into their cybersecurity efforts and requires agencies to conduct regular, public assessments of their privacy and civil liberties standards.
In addition to issuing the executive order, the Obama administration today released a Presidential Policy Directive updating the national approach to critical infrastructure security. The directive is intended to create a stronger connection between the physical security and cybersecurity of critical infrastructure, which typically refers to infrastructure such as telecommunications, water and energy supplies.
To achieve this, the directive highlights a few key goals, including identifying baseline data and systems requirements for the federal government to enable efficient information exchange within 180 days.
As the administration unveils its plans for bolstering cybersecurity, Congress plans on addressing the issue as well. Tomorrow, the House Homeland Security Committee will hold a hearing entitled "A New Perspective on Threats to the Homeland" to consider threats a range of threats, including drug cartel action at the borders and cyber-attacks on infrastructure.