U.S. Senators John McCain (R-AZ), Saxby Chambliss (R-GA) and John Thune (R-SD) said the Executive Order on cybersecurity released by President Obama, “cannot achieve the balanced approach that must be accomplished collaboratively through legislation and with the support of the American people.”
The three senators released a joint statement of the Order, “We will closely examine the Executive Order and ensure that there is thorough Congressional oversight of any action it directs. As the 113th Congress gets underway, the Senate should follow regular order and craft legislation that will have an immediate impact on our nation’s cybersecurity without adding or prompting regulations that could discourage innovation and negatively impact our struggling economy. We remain committed to working with all of our colleagues to improve our nation’s cybersecurity by utilizing the breadth of cybersecurity expertise across the government and within the private sector.”
The Executive Order includes:
•Defense Industrial Base Information Sharing Program: The Order expands the voluntary Enhanced Cybersecurity Services program, enabling near real time sharing of cyber threat information to assist participating critical infrastructure companies in their cyber protection efforts.
•NIST Development of Cybersecurity Framework: NIST will work with critical infrastructure stakeholders to develop the framework relying on existing international standards, practices, and procedures that have proven to be effective.
•New information sharing programs to provide both classified and unclassified threat and attack information to U.S. companies. The Executive Order requires Federal agencies to produce unclassified reports of threats to U.S. companies and requires the reports to be shared in a timely manner. The Order also expands the Enhanced Cybersecurity Services program, enabling near real time sharing of cyber threat information to assist participating critical infrastructure companies in their cyber protection efforts.
•The development of a Cybersecurity Framework. The Executive Order directs the National Institute of Standards and Technology (NIST) to lead the development of a framework of cybersecurity practices to reduce cyber risks to critical infrastructure. NIST will work to develop the framework, relying on existing international standards, practices, and procedures.