Big changes are coming in regards to cybersecurity in the United States.  Expectations are such that President Barack Obama will soon be issuing a long awaited cybersecurity executive order.  It is thought that the executive order will result in a voluntary program that would set a uniform minimum security standard.  The government issued security standards would specifically call for the adoption of the standards by companies that deal in critical infrastructure industries.

Cybersecurity Executive Order Expected in February

 

Many companies could be affected by this executive order.  The Department of Homeland Security defines critical infrastructure as “…the assess, systems, and networks, whether physical or virtual, so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, public health or safety, or any combination thereof.”   The Homeland Security website also provide a full list of what they term critical infrastructure sectors, including such sectors as banking and finance, defense industrial base, transportation systems, postal and shipping, communications, food and agriculture, energy, and information technology, along with several others.

The Obama administration has explained that the executive order is necessary only because Congress has failed to pass any type of legislation regarding comprehensive cybersecurity.  Numerous previous attempts to pass legislation, including the White House backed Cybersecurity Act, have been stalled.  While Republicans continue to indicate a preference for legislation passed by Congress rather than a presidential executive order, Democratic lawmakers have urged the executive order.  They argue that it is necessary to protect the nation’s critical infrastructure from cyberattacks.

The announcement is expected shortly after the upcoming State of the Union address.   Following its release, feedback about the cybersecurity order will be solicited from the Senate Intelligence committee through a joint  hearing on cybersecurity.  The Obama administration is expected to explain the details of the executive order at that time.

[Image via thehackernews]