Improving Critical Infrastructure Cybersecurity
Headline: Directs Federal Agencies and Owners to Improve Critical Infrastructure Cybersecurity
What it does: Agencies must share cyber threat information, develop and promote a voluntary cybersecurity framework led by the National Institute of Standards and Technology, and identify critical infrastructure at greatest risk.
- More timely cyber threat reports sent to private companies to improve defense.
- Creation of a voluntary cybersecurity framework for owners and operators to adopt.
- Government will identify and confidentially notify highest-risk infrastructure owners.
Summary
This order directs federal agencies and owners of critical infrastructure to improve cybersecurity and share more cyber threat information to protect systems vital to national security, the economy, and public safety.
It orders the National Institute of Standards and Technology to lead development of a voluntary Cybersecurity Framework, sets deadlines for threat reporting and expanded information programs, and establishes a consultative process with industry.
It also requires privacy and civil liberties assessments, asks agencies to recommend incentives and acquisition changes, and directs identifying infrastructure most at risk.
Ask about this order
Ask questions about this executive order and its implications.
What agencies are affected by this order?
How does this order change existing policy?
What are the practical implications of this order?