· Establishes a voluntary program to promote the adoption of the Cybersecurity Framework. The Department of Homeland Security will work with Sector-Specific Agencies like the Department of Energy and the Sector Coordinating Councils that represent industry to develop a program to assist companies with implementing the Cybersecurity Framework and to identify incentives for adoption.
· Calls for a review of existing cybersecurity regulation. Regulatory agencies will use the Cybersecurity Framework to assess their cybersecurity regulations, determine if existing requirements are sufficient, and whether any existing regulations can be eliminated as no longer effective. If the existing regulations are ineffective or insufficient, agencies will propose new, cost-effective regulations based upon the Cybersecurity Framework and in consultation with their regulated companies. Independent regulatory agencies are encouraged to leverage the Cybersecurity Framework to consider prioritized actions to mitigate cyber risks for critical infrastructure consistent with their authorities.
Building on Progress
In May of 2009, President Obama declared our digital infrastructure a strategic national asset and made protecting this infrastructure a national priority. As part of this effort, the Obama Administration has:
· Created the National Cybersecurity & Communications Integration Center: The NCCIC is a 24-hour, DHS-led coordinated watch and warning center that improves our nation’s ability to address threats and incidents affecting critical infrastructure, the Internet, and cyberspace.
Issued the National Strategy for Trusted Identities in Cyberspace: The NSTIC and its programs are creating alternatives to passwords for online services that are more convenient, secure, and privacy enhancing.
Submitted to Congress Comprehensive Cybersecurity Legislation: The Administration continues to believe that legislation is needed to fully address this threat. Existing laws do not permit the government to do all that is necessary to better protect our country. The Executive Order ensures that federal agencies and departments take steps to secure our critical infrastructure from cyber attack, as a down-payment on expected further legislative action.