Critical Infrastructure Cybersecurity: U.S. Government Response and Implications

1 March 2013
Download PDF
  • On February 12, 2013 President Obama issued a much-anticipated Executive Order on cybersecurity. The Order addresses concerns about the safety of U.S. critical infrastructure, which have grown in the wake of cyber intrusions. Recent intrusions have been targeted at a wide range of industries and have been linked to state actors such as Iran and China.
  • For "critical infrastructure" companies (a broad concept that could cover almost any firm of significance in the economy), the Executive Order means enhanced sharing of cyber threat information. The Order also directs the federal government to develop voluntary cybersecurity standards designed to help owners and operators of critical infrastructure to assess, manage and mitigate cyber risks. The government already has started soliciting industry views as part of this standards development process.
  • The Executive Order could have broad implications for many U.S. firms. In addition to being watchful as the Executive Order's directives are implemented, critical infrastructure firms may want to review and update their own policies and practices with regard to cybersecurity.