2013 Cybersecurity Executive Order: Overview and Considerations for Congress [November 8, 2013]   [open pdf - 329KB]

"The federal role in cybersecurity has been a topic of discussion and debate for over a decade. Despite significant legislative efforts in the 112th and 113th Congress, no major legislation on this topic has been enacted since the Federal Information Security Management Act (FISMA) in 2002, which addressed the security of federal information systems. In February 2013, the White House issued an executive order designed to improve the cybersecurity of U.S. critical infrastructure (CI). Citing repeated cyber-intrusions into critical infrastructure and growing cyberthreats, Executive Order 13636, 'Improving Critical Infrastructure Cybersecurity,' attempts to enhance security and resiliency of CI through voluntary, collaborative efforts involving federal agencies and owners and operators of privately owned CI, as well as use of existing federal regulatory authorities. Entities posing a significant threat to the cybersecurity of critical infrastructure assets include cyberterrorists, cyberspies, cyberthieves, cyberwarriors, and cyberhacktivists. E.O. 13636 attempts to address such threats by, among other things, [1] expanding to other CI sectors an existing Department of Homeland Security (DHS) program for information sharing and collaboration between the government and the private sector; [2] establishing a broadly consultative process for identifying CI with especially high priority for protection; [3] requiring the National Institute of Standards and Technology to lead in developing a Cybersecurity Framework of standards and best practices for protecting CI; and [4] directing regulatory agencies to determine the adequacy of current requirements and their authority to establish additional requirements to address the risks."

Report Number:
CRS Report for Congress, R42984
Public Domain
Retrieved From:
Via E-mail
Media Type:
Help with citations