By Brett Daniel Shehadey
Special Contributor for In Homeland Security
To better defend the U.S. cybersecurity framework against a surging threat of hackers, the White House has issued Executive Order: “Improving Critical Infrastructure and Cybersecurity.” In spite of the status as an executive order, the language is a voluntary plan of action and policy steering for best practices across government and industry lines, in order to raise the standards of national cyber protection as a whole and partner public and private participation and cooperation.
President Barack Obama said, “While I believe today’s framework marks a turning point, it’s clear that much more work needs to be done to enhance our cybersecurity.”
The key phrase is “turning point.” This is an initial update, even if voluntary.
In 2013, the President’s State of the Union addressed the need for stronger cybersecurity. The Department Commerce and the Secretary of Commerce were tasked to develop the guidelines that were officially released yesterday.
The US critical industry and security framework includes, among others: financial institutions, utilities and defense. With the high amount of foreign cyber-attacks from state and non-state actors aimed at the defense industry as well as the recent high-profile hacking and thefts of major American financial and retail corporations, Washington was primed and prized to get something started, but this is far from the beginning- this is merely the attention getter.
New and improved best practices and raised standards for encryption technologies may soon be required as soon as Capitol Hill catches up. They are known for being digital slugs and executive authority can inspire and promote greater awareness in their stead. Nevertheless, Congress is actively debating the issue of cybersecurity on many fronts and new legislation is in the habit of being passed by piecemeal format, rather than a grand, concerted, domestic law.
The White House is counting on what one official called “self-interested action” in embracing better procedures and practices to secure systems, data storage and information exchange. As opposed to direct legislative actions, this approach promotes greater innovation and personally vested actions by the American people to collaborate and coordinate best practices by their own will. Unfortunately, it also leaves the US cybersecurity framework without an immediate upgrade and is an at will, at leisure, policy action.
Comments are closed.