A CYBERInnovation Briefing on the President’s Cybersecurity Executive Order

As advanced and persistent cyber attacks threaten our nation’s critical infrastructure, government and industry share a common interest in partnering to stay ahead and protect their assets. However, while they share a common goal, due to the nature of their missions and organizational drivers, their motivations are not always aligned. Earlier this year, President Obama issued an Executive Order focused on cybersecurity that requires the Department of Homeland Security (DHS) to share cyber threat information with private industry. This directive, while soundly based, generates many questions. Why isn’t this already happening? Is DHS the proper entity? Will the unclassified nature of these reports provide value? How will this information be disseminated? What technology is needed to deliver threat information sharing? Will industry be receptive and is it a two-way street, will industry reciprocate? Who will benefit from this information sharing?

In order to be effective, this initiative requires buy-in from many stakeholders from the government agencies generating the reports, to industry customers ingesting the information, to security and technology vendors providing capabilities and technology to enable sharing, to federal, state, and industry policy makers determining what and how it is legal to share. The National Institute of Standards and Technology (NIST) plays a major role in determining the cybersecurity framework for which this executive order is to be implemented. With Maryland serving host to government agencies like the National Security Agency and US Cyber Command among others, many of the largest players in the Defense Industrial Base, and an innovative core of security and technology vendors, we have a vested interest in the outcome. Please join us and play your part in hearing what the community has to say.