Order Gives Firms Cyberthreat Information
President Barack Obama signed an executive order that promotes increased information sharing about cyberthreats between the government and private companies that oversee the country’s critical infrastructure, offering a weakened alternative to legislation the Administration had hoped Congress would pass last year.
The order will allow companies that oversee infrastructure like dams, electrical grids and financial institutions to join an experimental program that has provided government contractors with real-time reports about cyberthreats. It will also put together recommendations that companies should follow to prevent attacks, and it will more clearly define the responsibilities for different parts of the government that play a role in cybersecurity. But the measures considered most important by cybersecurity experts — like minimum requirements for how crucial infrastructure should be protected — were not included in the order because they require Congressional approval. They say the equipment used by companies overseeing the nation’s critical infrastructure is notoriously outdated and insecure because it was not built with the potential for a serious cyberattack in mind.
Order Gives Firms Cyberthreat Information Critical Infrastructure Security and Resilience (Presidential Policy Directive) Critical Infrastructure Security and Resilience (White House Fact Sheet) Improving Critical Infrastructure Cybersecurity (Executive Order) Executive Order on Improving Critical Infrastructure Cybersecurity (WH press release) President Obama issues cybersecurity executive order at SOTU (Politico) Executive Order Seeks Safer Cyber Networks (WSJ) Highly anticipated executive order on cybersecurity signed (The Hill)