In light of recent news that America’s cyber-network is vulnerable to outside attack, President Obama signed an Executive Order to improve cyber-security for the nation’s “critical infrastructure.” According to the Order, “critical infrastructure” applies to the vital physical and virtual systems in the United States that are essential to the country’s economic security, public health, and safety. This definition is in line with the definition of “critical infrastructure” in the Cybersecurity Act of 2012, which the federal government failed to pass.
The Executive Order is meant to promote greater information sharing among members of the same network. This will ensure that all network providers are adequately aware of potential threats to the system in time to plan and implement an effective response. Accordingly, American companies now bear the responsibility of evaluating whether “critical infrastructure” applies to their operations. Alternatively, the Executive Order may also apply to companies that provide goods or services to other companies that the Executive Order implicates. In this case, the Executive Order would also apply to the companies that provide the goods or services. These companies would then bear the same responsibility to abide by the Executive Order and participate in the information-sharing network.
The Executive Order also requires various federal agencies to participate in this network. The Office of the Attorney General, the Department of Homeland Security, and the Office of National Intelligence, among others, are responsible for participating to create an information-sharing network. Such a network will make it easier to detect and ward off cyber-threats. Additionally, the information-sharing network will allow the participating agencies to quickly notify the President of any legislation that is necessary to further protect the nation’s cyber-network. Furthermore, a working and productive network will incentivize other agencies and companies to join the network. Increased participants will improve the breadth of the network, work to expand the reach of the network, and add to the information that is available within the network.
President Obama addressed the Executive Order in his State of the Union speech. The President explained that while the Executive Order was not a substitute for cybersecurity legislation, the Executive Order would prohibit further threats to the nation’s cyber-network before Congress implements such legislation. Accordingly, Congress revisited the Cyber Intelligence Sharing and Protection Act (“CISPA”) the day after President Obama signed the Executive Order. Meanwhile, the Senate is reviewing the Cybersecurity and American Cyber Competitiveness Act of 2013. Past attempts at passing cybersecurity legislation have alarmed associations that aim to protect civil liberties. Specifically, there is an underlying concern that such expansive information sharing stands to violate individual privacy rights. However, the American Civil Liberties Union has already spoken out in support of the Executive Order and the national security the Executive Order seeks to implement.
At the Law Offices of Salar Atrizadeh, we guide our clients in legal matters by using extensive knowledge and skills to create innovative solutions. Please contact us today to set up a confidential consultation.