Last Tuesday, February 12, President Obama issued a long awaited Executive Order on cyber security intended to expand and deliver more robust information sharing between government and the private sector. The Executive Order also requires the development of a voluntary cyber framework and standards to improve protection of U.S. critical infrastructure. The Executive Order rightly focuses on a risk-based approach. Resources are limited and prioritization to secure those areas most at risk is smart policy. The sophistication of threats and targeted attacks on key economic sectors around the world stresses the urgency of action to be taken to better secure critical infrastructure. This effort by President Obama is a positive step to address the significant gap in the protection of critical assets necessary to the well-being of the United States.
The risk to critical infrastructure is real and represents an international challenge that must be addressed by governments and the private sector together. As we see more threats to the national and economic security of countries, action must be taken to better protect critical national infrastructure. Attacks like Stuxnet, Flame, Gauss and Shamoon are becoming commonplace and keep growing in sophistication.
I believe this executive order is a move in the right direction as it seeks to increase digital defenses of critical infrastructure, and tries to facilitate the exchange of threat information between government and the private sector. Better cooperation between governments around the world and their private sectors to improve sharing of timely and relevant cyber threat information is essential. Likewise, operators of critical infrastructure must work to implement flexible performance-based standards to secure their assets.
We are at a critical juncture of cyber security protection, and leadership in the U.S. and around the world is essential. We hope that other nations and unions will follow this example and take steps to better protect their national critical infrastructure.
We’re ready to support and assist in national and international cyber defense efforts with our research, technologies and people.