President Obama signed an executive order on Feb. 12 to build up cybersecurity infrastructure. He issued the order right before his State of the Union address to emphasize the importance he places on the issue.
According to a White House briefing, the executive order’s purpose is to enable “near real time sharing of cyber threat information to assist participating critical infrastructure companies in their cyber protection efforts.” It builds off the Enhanced Cybersecurity Services program.
The executive order requires government agencies to provide critical infrastructure companies with access to unclassified reports of cyber threats, as well as access to both classified and unclassified threat and attack information via new information sharing programs.
The order also calls for the creation of a cybersecurity framework to be built by the National Institute of Standards and Technology (NIST). NIST is supposed to work with private companies to build a framework based on “existing international standards, practices and procedures that have proven to be effective.”
To mitigate its impact on civil liberty violations, the executive order compels Federal agencies to conduct regular assessments on their activities to strengthen cybersecurity. Every agency involved will base their privacy safeguards on the Fair Information Practice Principles (FIPPs). The assessments will also be made available to the public.
Cybersecurity is becoming more of an issue each year. The New York Times recently reported that 198 cyber attacks on “critical infrastructure systems” were reported to the Department of Homeland Security last year – a 52 percent increase from the previous year.
This increase is expected to result in the need for more cybersecurity experts. Federal government projections from the U.S. Bureau of Labor statistics call for a 22 percent increase in the number of information security analysts, web developers and computer network architects by 2020, or about 66,000 new jobs.
Obama signed his executive order after failing to convince Congress to pass legislation on the issue of cybersecurity last year. The legislation would have empowered the Department of Homeland Security to enforce certain standards in security. Opponents of the legislation argued that it would be too difficult for businesses to implement.
The president is still focused on passing legislation to further strengthen cybersecurity in the United States. The White House referred to the executive order as a “down-payment” on future actions. “Existing laws do not permit the government to do all that is necessary to better protect our country,” it stated.