Cybersecurity: President Signs New Executive Order Establishing a Framework for Public-Private Cybersecurity Collaboration

Sullivan & Cromwell LLP - February 13, 2015

Earlier today, President Obama signed an Executive Order intended to “encourage and promote sharing of cybersecurity threat information within the private sector and between the private sector and government.”  The Executive Order calls for the development of Information-Sharing and Analysis Organizations (“ISAOs”), made up of businesses, nonprofits, and government agencies, for the purpose of sharing information to combat cybersecurity threats.  The Executive Order also directs the Secretary of Homeland Security to work with the private sector to develop a set of voluntary standards or guidelines to govern operation of the ISAOs.  The new framework would also include certain protections for privacy and civil liberties, and for business confidentiality.  Though mostly advisory in nature, the Executive Order is intended to promote responsiveness to combat cybersecurity threats.  It follows several recent legislative and executive initiatives addressing cybersecurity.