Home > Legal Library > Article

Join Matindale-Hubbell Connected

Defending the Homefront: A Cybersecurity Executive Order

Chandi Abeygunawardana
Proskauer Rose LLP - New York Office

October 9, 2012

Previously published on October 8, 2012

The simultaneous denial of service attacks on the three largest U.S. banks which occurred two weeks ago were reported to have originated in Iran. After years of stealth cyber attacks on American interests, U.S. intelligence officials recently publicly accused China of cyber espionage of American high-tech data for their own economic gain. The head of U.S. Cyber Command has stated that there has been a twentyfold increase in cyberattacks on critical infrastructure from 2009 to 2011. With the need for national cybersecurity more evident now than ever before, the White House announced that it is close to completing a new cybersecurity executive order to address this critical issue.

The cybersecurity executive order has not yet been issued but is expected to have a number of elements. It would establish a voluntary program in which critical infrastructure companies such as those that own electric grids, water systems, and transportations systems, would elect to comply with government issued security standards. The order would direct federal agencies to develop cybersecurity guidelines for owners of critical infrastructure facilities, and would authorize the creation a new cybersecurity council at the Department of Homeland Security with representatives from the Department of Defense, Justice Department, Director of National Intelligence and the Department of Commerce. The cybersecurity executive order is expected to have some elements similar to the Cybersecurity Act of 2012, a bill recently quashed in the Senate after drawing opposition from business lobbying groups, primarily the U.S. Chamber of Commerce, that argued that the legislation would grant the government overarching influence over private businesses and impose regulations that would be too onerous for businesses to comply with.

The anticipated executive order will not accomplish everything that the administration seeks in terms of a cybersecurity plan. According to Janet Napolitano, the Secretary of the Department of Homeland Security, the executive order cannot provide liability protections for companies that are victims of cyber attacks or increase penalties for cybercrime, and thus legislation is still needed. How close we are to developing a policy that balances national security, consumer privacy, and commercial interests remains to be seen, though the new cybersecurity executive order expected to be issued by the White House may provide some insight.


The views expressed in this document are solely the views of the author and not Martindale-Hubbell. This document is intended for informational purposes only and is not legal advice or a substitute for consultation with a licensed legal professional in a particular case or circumstance.

View More Library Documents By...

Proskauer Rose LLP Overview