President Obama yesterday issued an Executive Order to address the growing cyber threat to the Nation’s “critical infrastructure,” a term broadly defined to potentially cover natural gas and oil pipelines, storage sites and refineries as well as electric generation, transmission and distribution facilities. The Executive Order has been widely rumored for months, particularly given the congressional impasse on cybersecurity legislation and numerous reports of cyber attacks of varying severity affecting public and private enterprises nationwide. Citing “national and economic security,” the executive branch finally took matters into its own hands with the Executive Order. The energy industry should pay attention, both for regulatory compliance purposes and also as a matter of sound business practice, in the face of the increasing security threat posed by cyber attacks.
The Executive Order -
The Executive Order applies to “critical infrastructure,” defined as “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.” This expansive and vague definition could include a range of natural gas, oil, and power systems and assets.
Developed by national security officials in conjunction with the Department of Homeland Security (DHS) and other federal agencies, the Executive Order:
- Promotes the sharing of “cyber threat information” with private sector entities, and directs DHS, the Attorney General and the Director of National Intelligence to adopt procedures for the “timely” and “rapid” dissemination of unclassified cyber threat reports to the entities specifically targeted by those threats...
Please see full publication below for more information.