On Tuesday, President Obama issued a long awaited Executive Order on cyber security intended to expand and deliver more robust information sharing between government and the private sector. The Executive Order also requires the development of a voluntary cyber framework and standards to improve protection of the U.S. critical infrastructure. The Executive Order rightly focuses on a risk-based approach. Resources are limited and prioritization to secure those areas most at risk is smart policy. The sophistication of threats and targeted attacks on key economic sectors around the world stresses the urgency that action be taken to better secure critical infrastructure. This effort by President Obama is a positive step to address a real gap in the protection of critical assets necessary to the well being of the United States.
The risk to critical infrastructures is real, and an international challenge that must be addressed by governments and the private sector together. As we see more threats to the national and economic security of countries, action must be taken to better protect those critical national infrastructures. Attacks like Stuxnet, Flame, Gauss and Shamoon are becoming commonplace and keep growing in sophistication.
I believe this executive order is a move in the right direction as it seeks to increase digital defenses of critical infrastructure, and tries to facilitate the exchange of threat information between the government and private sector. Better cooperation between governments around the world and their private sectors to improve sharing of timely and relevant cyber threat information is essential. Likewise, operators of the critical infrastructures must work to implement flexible performance based standards to secure their assets.
We are at a critical juncture on cyber security protection, and leadership in the U.S. and around the world is essential. We hope that other nations and unions will follow this example and take steps to better protect their national critical infrastructures.
We’re ready to support and assist in national and international cyber defense efforts with our research, technologies and people.