Obama taking action against cyberthreats

An executive order targets the way companies share information about potential cyberthreats

President Obama will announce an executive order Friday intended to improve the way companies share information about potential cyberthreats with one another and the government, part of a White House push to elevate concerns about cybersecurity and react to a rash of high-profile attacks.

The new order will lay out guidelines that will encourage more cooperation between companies and a faster response from the government, according to a White House statement.

"Rapid information sharing is an essential element of effective cybersecurity because it ensures that U.S. companies work together to respond to threats, rather than operating alone," the White House said.

Obama will tout the new step at a White House-organized conference on the issue at Stanford University. The event will pull together dozens of chief executives, technology experts, privacy and civil liberties advocates, academics and government officials, the White House said.

Apple Inc. Chief Executive Tim Cook is scheduled to introduce Obama as the keynote speaker.

The White House has been trying to retool its strategy on fighting cybercrime, spurred in part by North Korea's digital hack at Sony Pictures. This week the administration said it would create a new cyberintelligence center to coordinate how the government collects and track threats from hackers in the U.S. and abroad.

The White House also has tried to revive cybersecurity legislation stalled in Congress, in part, by amending its proposal to accommodate business concerns about privacy, regulation and liability.

On Friday, private-sector leaders will come to the conference with voluntary pledges to improve their practices, the White House said.

Nine major companies, including Apple, Bank of America Corp., U.S. Bancorp, Walgreen Co. and Kaiser Permanente, will announce their plans to use all or part of a cybersecurity framework developed by the administration last year.

Visa and MasterCard will tout plans to improve their payment systems, and several financial services firms will take steps to make credit scores more easily available — a step the White House said will help Americans detect identity theft.

Jeffrey Zients, director of the National Economic Council, said the aim was to encourage the private sector to better secure sensitive data and to protect their consumers.

"Cybersecurity and consumer protection are two sides of the same coin," he said. "When a company suffers a data breach, oftentimes it's their customers who are most affected."

Officials did not describe the new executive order in detail. But Michael Daniel, a White House cybersecurity advisor, said the action would help the Homeland Security Department do a better job of managing the flow of information into the government.

Companies have been wary of turning over proprietary or other sensitive data to government agencies investigating potential attacks, out of concerns for how it will be used or that it would be potentially made public. The issue is among the sticking points holding up the legislation on Capitol Hill.

Daniel said the new action was intended to improve the chances of the legislation moving forward.


Copyright © 2016, Los Angeles Times