The President signed an executive order intended to improve the network security of "critical infrastructure." As noted by The Hill, the order charges the National Institute of Standards and Technology with the task of creating a framework of best practices for operators in industries like transportation, water and health to follow, due in the next 240 days.
The Department of Homeland Security is also heading up a
voluntary program works with various agencies and industry groups to
make sure the policies are actually adopted, and find ways to create
incentives for that to happen.
The president also called for Congress
to pass legislation to prevent cyberattacks during his speech, and this
order is reportedly meant as a step in that direction.
The Wall Street Journal indicates
many businesses want liability protection against attacks in exchange
for following the guidelines, which would require approval form Congress
in order to happen.
It includes language accounting for privacy
concerns as well, with agencies required to look over the potential
impact of their work, and release public assessments. The DHS is to
report in a year how its work impacts civil liberties and provide
recommendations on mitigating such risks.