Improving Critical Infrastructure Cybersecurity
Directs Federal Agencies and Owners to Improve Critical Infrastructure Cybersecurity
What it does
Agencies must share cyber threat information, develop and promote a voluntary cybersecurity framework led by the National Institute of Standards and Technology, and identify critical infrastructure at greatest risk.
Real-world impact
- More timely cyber threat reports sent to private companies to improve defense.
- Creation of a voluntary cybersecurity framework for owners and operators to adopt.
- Government will identify and confidentially notify highest-risk infrastructure owners.
Topics
Summary
This order directs federal agencies and owners of critical infrastructure to improve cybersecurity and share more cyber threat information to protect systems vital to national security, the economy, and public safety.
It orders the National Institute of Standards and Technology to lead development of a voluntary Cybersecurity Framework, sets deadlines for threat reporting and expanded information programs, and establishes a consultative process with industry.
It also requires privacy and civil liberties assessments, asks agencies to recommend incentives and acquisition changes, and directs identifying infrastructure most at risk.
Questions, answered
Ask questions about this executive order and its implications. Try:
- “What agencies are affected by this order?”
- “How does this order change existing policy?”
- “What are the practical implications of this order?”