The White House issued an executive order on Tuesday that aims to strengthen protection of the nation’s critical infrastructure against cyberattack.
The directive sets out a voluntary program that aims to encourage information sharing about cyber threats among financial firms, utility operators and others who own critical infrastructure and to promote standards that reduce risks from electronic assaults on facilities deemed vital to national security, the economy or public health.
The order mirrors a draft order the White House floated last year and presages another push for cybersecurity legislation in Congress.
“America must also face the rapidly growing threat from cyber attacks,” President Obama told Congress in his State of the Union address on Tuesday. “We know hackers steal people's identities and infiltrate private e-mail. We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions and our air traffic control systems. We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.”
“Now, Congress must act as well, by passing legislation to give our government a greater capacity to secure our networks and deter attacks,” the President added.
House Intelligence Chairman Mike Rogers, R-Mich., on Wednesday plans to introduce a bill that would encourage sharing of information between companies and government agencies about cyber threats. A similar measure passed the House in April, although the White House and privacy advocates said the bill failed to sufficiently safeguard civil liberties.
The Senate also is expected to revive cybersecurity legislation after senators twice defeated measures last year to promote digital security after business groups opposed them.
Stifel Nicolaus analysts Chris King and David Kaut told investors on Wednesday that the order would “probably give the advocates of information sharing more leverage to make their approach the focus of cybersecurity legislation.”
“We also believe the executive order will give lawmakers some added incentive in general to pass a cybersecurity bill in order to show they’re doing something to address an urgent issue of national importance,” they added.
Joram Borenstein, senior director of product marketing at NICE Actimize, a maker of fraud prevention software, says the executive order contemplates collaboration. "It can be cooperation within the financial industry, which in itself can be a challenge at times, cooperation across industries, and you then have a public-private partnership," Borenstein told American Banker.