U.S. President Barack Obama signed an executive order that seeks better protection of the country’s infrastructure from cyber attacks. Cyber attacks are a major concern to the economy and national security. The order enables the government to share more information with private industry partners and develop a new framework of practices to reduce cybersecurity risks.
The executive order was unveiled during the President’s State of the Union speech. The order follows last year’s failed attempt by the U.S. Congress to pass a law which gives the government power to confront continuing electronic attacks on the networks of companies and government agencies.
The order does not have the same force as law and it directs federal authorities to improve information sharing on cyber threats including some that may be classified with companies that provide or support critical infrastructure. The executive order establishes information sharing between the private and public sectors by providing classified and unclassified threat information to U.S. companies.
It requires federal agencies to produce unclassified reports of threats to companies and requires the reports to be shared in a timely fashion. There is also a real-time information sharing program that is currently open to the defense sector and others.
The order directs the National Institute of Standards and Technology (NIST) to develop a new cybersecurity framework to reduce cyber risks for critical infrastructure. The order also calls on agencies to incorporate privacy and civil liberties safeguards based on the Fair Information Practice Principles.
On top of issuing the executive cybersecurity order, the Obama administration released a Presidential Policy Directive that updates the national approach to infrastructure security. The directive is supposed to create a stronger connection between physical security and cybersecurity of infrastructure like telecommunications, water, and energy supplies.
The directive has a few goals like identifying baseline data and systems requirements for the federal government to enable efficient information exchange within 180 days. The House Homeland Security Committee will be holding a hearing entitled “A New Perspective on Threats to the Homeland” to consider a range of threats including drug cartel action at borders and cyber-attacks on infrastructure.