Overview -

Identification of Critical Infrastructure. Not later than July 12, 2013, the Secretary of Homeland Security is directed to identify critical infrastructure where a cybersecurity incident could result in catastrophic regional or national effects on public health or safety, economic security, or national security, using a consultative process and drawing on the expertise of the Sector Specific Agencies (SSAs) designated in the Presidential Directive that accompanied the release of the Executive Order. The Department of Homeland Security (DHS) is the SSA for communications. The owners and operators of such critical infrastructure will be notified confidentially and will be permitted to submit relevant information and request reconsideration of the Secretary’s determination.

IT Carve-out. The Order prohibits the Secretary from identifying any commercial information technology products or consumer information technology services.