President Obama took to steps toward implementing administration cybersecurity policy Feb. 12 by signing an executive order establishing a voluntary security framework for privately-held critical infrastructure and releasing a new presidential policy directive on critical infrastructure security.
The executive order (.pdf), which administration officials began talking about last fall following the collapse of favored cybersecurity legislation in the Senate, will expand by mid-June an existing program started by the Defense Department for its contractors for the sharing of cyber threat information. The Enhanced Cybersecurity Services program should be open to "all critical infrastructure sectors" within 120 days, the order says. The Homeland Security Department announced in January 2012 it took control of the program.

Rule Your Documents: Document Management Guide

Whitepaper Knowing which programs your agency should support doesn't have to be a guessing game. Learn how you can align projects with strategic goals, balance spending and assess risk with Oracle's Primavera Portfolio Management's enterprise approach to governance. Download Now.

Sign up for our FREE newsletter for more news like this sent to your inbox! The order also requires the National Institute for Standards and Technology to develop a framework incorporating "consensus standards and industry best practices" for voluntary adoption by operators of critical infrastructure. Opposition in the Senate to cybersecurity legislatoin at one point coalesced around administration-backed language that would have made adoption of such a framework mandatory.
Not included in the executive order is liability protection for private sector participants in the framework, something that would be beyond the scope of presidential powers. Private sector officials have cited concerns over liability and other legal related matters as major obstacles to greater public-private action on cybersecurity; one industry official with a large information technology manufacturer speaking on condition of anonymity who read the order expressed doubt that any program that leaves liability open as an issue will attract substantial participation.
More to come on this story shortly. 

Read more: Obama signs cybersecurity executive order - FierceGovernmentIT http://www.fiercegovernmentit.com/story/obama-signs-cybersecurity-executive-order/2013-02-12#ixzz2KnREGDFo
Subscribe: http://www.fiercegovernmentit.com/signup?sourceform=Viral-Tynt-FierceGovernmentIT-FierceGovernmentIT