US President Barack Obama signed an executive order aimed at strengthening cyber security by creating a series of best practices and encouraging institutions that handle critical infrastructure systems to implement a security framework by working together with key government institutions.
The framework will serve as a means of sharing intelligence between the government and private sector institutions to develop new and more efficient ways of defending US citizens, the economy, and other nations against cyber terrorist acts.
Privacy concerns were raised as actions such as cyber threats or cyber intrusions were not specifically defined and may violate user rights if not properly implemented. Critical infrastructure systems such as telecommunication networks and cloud-based systems are to be better protected if the framework is properly implemented.
â€œAs used in this order, the term critical infrastructure means systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters,â€ reads the executive order.
Preliminary implementation of the framework is scheduled to be presented by the US government within 240 days, starting from the day the executive was signed. Plans to update it based on new technological developments and security risks are also taken into consideration as the â€œframeworkâ€ is supposed to provide long-term, state-of-the-art cyber-attacks protection.
â€œIt is the policy of the United States government to increase the volume, timeliness, and quality of cyberthreat information shared with US private sector entities so that these entities may better protect and defend themselves against cyberthreats,â€ according to the executive order.
Although the executive order promises more transparency between government and the private sector, civil right experts believe the process should not negatively impact civil liberties by oversharing sensitive and personal user data with the U.S. government.