Thursday, February 14, 2013

US Executive Order on Cybersecurity

US President Obama signed a "Presidential Policy Directive -- Critical Infrastructure Security and Resilience". Also there is a media release summarizing the Executive Order on Cybersecurity. A similar approach could be adopted by the Australian Government for its Cyber Security Centre, emphasising information sharing and joint work not only between government agencies, but with industry.
Additional roles and responsibilities for the Secretary of Homeland Security include:

1) Identify and prioritize critical infrastructure, considering physical and cyber threats, vulnerabilities, and consequences, in coordination with SSAs and other Federal departments and agencies;
2) Maintain national critical infrastructure centers that shall provide a situational awareness capability that includes integrated, actionable information about emerging trends, imminent threats, and the status of incidents that may impact critical infrastructure;
3) In coordination with SSAs and other Federal departments and agencies, provide analysis, expertise, and other technical assistance to critical infrastructure owners and operators and facilitate access to and exchange of information and intelligence necessary to strengthen the security and resilience of critical infrastructure;
4) Conduct comprehensive assessments of the vulnerabilities of the Nation's critical infrastructure in coordination with the SSAs and in collaboration with SLTT entities and critical infrastructure owners and operators;
5) Coordinate Federal Government responses to significant cyber or physical incidents affecting critical infrastructure consistent with statutory authorities;
6) Support the Attorney General and law enforcement agencies with their responsibilities to investigate and prosecute threats to and attacks against critical infrastructure;
7) Coordinate with and utilize the expertise of SSAs and other appropriate Federal departments and agencies to map geospatially, image, analyze, and sort critical infrastructure by employing commercial satellite and airborne systems, as well as existing capabilities within other departments and agencies; and
8) Report annually on the status of national critical infrastructure efforts as required by statute. ...
From: "Presidential Policy Directive -- Critical Infrastructure Security and Resilience", US President Obama, 12 February 2013.

No comments: