Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Government

Obama Signs Executive Order on Cybersecurity

Executive Order on Cybersecurity

Executive Order on Cybersecurity

Obama Moves to Defend Infrastructure From Cyberattacks

WASHINGTON – Warning that cyberattacks pose a danger to US security, President Barack Obama signed an executive order on Tuesday designed to better protect critical infrastructure from computer hackers.

Obama, in his annual State of the Union speech to a joint session of the US Congress, said the United States is facing a “rapidly growing threat from cyberattacks.”

“We know hackers steal people’s identities and infiltrate private email,” he said. “We know foreign countries and companies swipe our corporate secrets.

“Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions and our air traffic control systems,” Obama added.

“We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.”

Obama said his executive order would “strengthen our cyber defenses by increasing information sharing, and developing standards to protect our national security, our jobs and our privacy.”

The president also urged Congress to pass legislation “to give our government a greater capacity to secure our networks and deter attacks.”

Advertisement. Scroll to continue reading.

Presidential Seal

The executive order (PDF) calls for voluntary reporting of threats to US infrastructure, such as power grids, pipelines and water systems.

The directive, which follows two failed attempts in Congress to pass cybersecurity legislation, allows the government to lead an information-sharing network but stops short of making mandatory the reporting of cyber threats.

A senior administration official said the order does not preclude the need for legislation but gets a cybersecurity program started that can encourage sharing information that may be confidential or classified.

The order allows for “sharing of classified information in a way that protects that classified information but enables the broader use of it to protect our critical infrastructure,” the official said.

The White House move came despite criticism from some lawmakers that an executive order bypasses the legislative process.

White House officials noted that the measure would not apply to consumer-based services or information systems that do not meet the standard of “critical infrastructure.”

“It’s about protecting the systems and assets where an attack could have a debilitating impact on our national security,” one official said.

The officials sought to quell concerns the measure could lead to increased surveillance of citizens, and said it requires federal agencies “to carry out these tasks in a way that protects privacy and civil liberties.”

Legislation has stalled on cybersecurity amid opposition from a coalition of civil libertarians who fear it could allow too much government snooping and conservatives who say it would create a new bureaucracy.

US military officials have argued that legislation is needed to protect infrastructure critical to national defense, including power grids, water systems and industries ranging from transportation to communications.

Some lawmakers criticized the president for issuing an executive order instead of working with Congress.

The order “cannot achieve the balanced approach that must be accomplished collaboratively through legislation and with the support of the American people,” said a statement from Republican Senators John McCain, Saxby Chambliss and John Thune.

“We will closely examine the executive order and ensure that there is thorough congressional oversight of any action it directs.”

House Homeland Security Chairman Michael McCaul said he was “concerned that the order could open the door to increased regulations that would stifle innovation, burden businesses and fail to keep pace with evolving cyber threats.”

But the measure also drew praise, including from Michelle Richardson of the American Civil Liberties Union, who said the order “rightly focuses on cybersecurity solutions that don’t negatively impact civil liberties.”

Leslie Harris of the Center for Democracy & Technology welcomed the directive, arguing it “says that privacy must be built into the government’s cybersecurity plans and activities, not as an afterthought but rather as part of the design.”

But the director of George Mason University’s Technology Policy Program Jerry Brito said in a tweet that “top-down regulation is the last thing that will improve cybersecurity.”

Related: White House Issues National Insider Threat Policy

Related: Obama Releases National Strategy for Information Sharing

RelatedDepartment of Defense Expands Information Sharing Initiative

RelatedTaking the Blinders Off – The Value of Collective Intelligence

RelatedCombating Emerging Threats Through Security Collaboration 

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Jill Popelka has been appointed CEO at Darktrace, after serving as COO for three months.

GitHub has appointed Alexis Wales as its new Chief Information Security Officer.

Cybersecurity and intelligence solutions provider Nightwing has appointed Christopher Jones as CTO and CDO.

More People On The Move

Expert Insights