What companies need to know about the Obama administration’s cybersecurity order

Download document:

What companies need to know about the Obama administration’s cybersecurity order - .PDF file.

By Sydney M White, Jim Halpert, Steven R Phillips and Vinny Sanchez 

After proponents of cybersecurity legislation were unable to reach consensus on a bill during the 112th Congress, president Barack Obama, on 12 February, issued a cybersecurity executive order (EO) to enhance the security and resilience of the country’s critical infrastructure (CI).

This alert provides a preliminary assessment of the cybersecurity EO and observations that may be helpful in considering how new standards may affect your company.

The EO requires federal agencies to improve two-way information sharing about cyber threats and to work collaboratively with the private sector to develop a cybersecurity framework for the protection of CI from cyber threats. The framework will apply to owners and operators of CI who voluntarily participate and other entities that may voluntarily participate. The EO requires federal agencies to develop incentives for private sector adoption of the cybersecurity framework. Federal agencies with sufficient regulatory authority may impose regulations implementing the framework. Furthermore, even where federal agencies lack the regulatory authority to impose the cybersecurity standards included in the framework, the standards are likely to be influential, in that following the framework as it applies in a company’s sector would provide strong evidence that the company was exercising a duty of care to prevent harm from a cyber attack…

Click on the link below to read the rest of the DLA Piper briefing.