The cybersecurity executive order President Obama signed on Tuesday is a great step in the nation’s fight against cyber threats, but more still needs to be done, said White House Cybersecurity Coordinator Michael Daniel.
In a blog post on WhiteHouse.gov, Daniel outlined the cybersecurity executive order that calls, among many things, for organizations that work with the nation’s critical infrastructure to voluntarily share threat information with the federal government.
He added, though, that more action is still needed.
“Executive action alone cannot create the new tools and authorities needed to meet the Nation’s collective cybersecurity challenges,” Daniel wrote. “The Administration continues to urge Congress to pass legislation to more fully address our Nation’s cybersecurity needs.”
Cybersecurity legislation was twice voted down in the Senate last year and many of the measures called for in those bills were put in place by the president’s executive order on Tuesday. Similar cybersecurity legislation has already been introduced to the current Congress.
Daniel urged industry leaders to ask their cybersecurity teams five questions put forth by the Department of Homeland Security to see if their networks are properly protected.
He also asked that industry, academia and advocacy community participate in the National Institute of Standards and Technology process to develop the Cybersecurity Framework laid out in the executive order. A NIST request for information is now available for comment.
“For decades, industry and all levels of government have worked together to protect the physical security of critical assets that reside in private hands – from airports and seaports to national broadcast systems and nuclear power plants,” Daniel wrote. “Similarly, we must now work in partnership to protect the cyber critical infrastructure systems upon which so much of our economic well-being, national security, and daily lives depend.”