President issues executive order that will improve the sharing of classified information between government and operators of critical infrastructur.

Obama issues order to bolster US cyber-defences

President Obama issued an executive order on Tuesday that will attempt to bolster the nation’s cyber-defences by improving the ways in which classified information is shared between the government and operators of critical infrastructure.

The order, which will require energy, utilities and mass transit companies to share information on cyber threats with the government, has been attacked by Republicans as unnecessary regulation. However, Obama said it was essential for national security: “We know hackers steal people’s identities and infiltrate private email,” Obama said.

“We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions and our air-traffic control systems. We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.”

The order includes two main features. One will expand an existing program that allows the government to share classified cyber-threat information with private companies that pass a security clearance process.

The second part requires the National Institute of Standards and Technology to assist in the production of voluntary standards that companies can sign up to in order to reinforce their cyber-defences.

Commenting on the executive order from President Obama, Terry Greer-King, UK managing director for internet security company Check Point said:  “Together with the EU cyber security plan announced last week, this is a key step forward for both Governments and business in realising the need to collaborate and share intelligence to fight web attacks, and reduce their impact.

“Recent attacks such as those against the US Federal Reserve, and ‘Eurograbber’ which stole over £30m from European banks, show that almost any organisation is vulnerable, no matter how well-defended they think they are. In 2012, our research found that 63% of organisations were infected with bots, and UK companies reported an average of 66 new security attack attempts every week, with successful incidents costing an average of £145,000.  Any move that helps to reduce these figures is very welcome.”