As a follow up to our summary of the key takeaways from the White House’s first Summit on Cybersecurity and Consumer Protection, the centerpiece of which was President Obama’s signing of a new Executive Order, “Promoting Private Sector Cybersecurity Information Sharing,” what follows is an analysis of that Order.
What does the Order actually do?
The Order “promotes…encourages…and…allows” but does not require anything. Specifically, it creates a voluntary framework for the formation of Information Sharing and Analysis Organizations (“ISAOs”). Per the Order, the Department of Homeland Security (“DHS”) will “engage in continuous, collaborative, and inclusive coordination” with ISAOS to share information about cybersecurity threats. Through the National Cybersecurity and Communications Integration Center, DHS also will enter into voluntary information sharing agreements with ISAOs. ISAOs will have a common set of standards for participants to be created by the ISAO Standards Organization, a nongovernmental organization to be designated by the DHS.
FULL blog post »