President Obama Signs Executive Order Promoting Cybersecurity Information Sharing in the Private Sector

On February 13, 2015, President Obama signed an Executive Order designed to encourage private companies and organizations to share information on cyber threats among themselves, and with the federal government, on a voluntary basis. The President signed the order as part of a speech given at a Cybersecurity and Consumer Protection Summit held at Stanford University. This order is part of a recent increased focus on cybersecurity by the President that also includes the recent announcement of a new federal agency designed to share information about cyber threats among different branches of the federal government.

The Executive Order seeks to create Information Sharing and Analysis Organizations (ISAOs) to facilitate the sharing of cybersecurity information within the private sector and between the private sector and federal agencies. The Department of Homeland Security (DHS) is directed to fund a non-profit organization to develop a common set of voluntary standards for ISAOs. These standards will include privacy protection requirements for both the ISAOs and their members. Similarly, federal agencies will be required to coordinate their activities with their senior officials responsible for privacy and protection of civil liberties. Additionally, the Executive Order clarifies the authority of DHS to enter into information sharing agreements with ISAOs and adds DHS to the list of federal agencies that can approve agreements for the sharing of classified information.

A more detailed description of the order is provided in a fact sheet released by the White House.