President Obama Issues Cybersecurity Executive Order

President Obama signed an executive order Tuesday aimed at improving information-sharing between government and industry about cyber threats and at establishing a risk framework and best practices for businesses.

Because of the distinction between an executive order and a new law, federal agencies or departments are not granted any new powers they do not already have. The order does, however, direct certain agencies to take certain steps.

Entitled “Improving Critical Infrastructure Cybersecurity,” the executive order gives the Department of Homeland Security, the Attorney General, and the Director of National Intelligence 120 days to issue instructions to ensure the timely production of unclassified reports of cyber threats that can be widely shared. The process will include rapid dissemination of reports to entities targeted by the cyber threats.

The order also directs the National Institute of Standards and Technology to lead the development of a framework to reduce cyber risks to critical infrastructure, one that will serve as a broad bulwark against digital infiltration of all kinds. The Cybersecurity Framework will include a set of standards, methodologies, procedures and processes to address cyber risks with a goal of providing flexible solutions to respond to cyber risks while keeping industry adoption voluntary.

“All of this really means credit unions should stay tuned for any new developments,” said Northwest Credit Union Association (NWCUA) Director of Compliance Services David Curtis, “especially because regulatory agencies like the FFIEC can issue guidance to ensure adoption of the framework recommendations.”


Questions? Contact the Compliance Hotline: 1.800.546.4465,

Posted in Advocacy News, Compliance News, CUNA, Federal, NWCUA.