This post was written by Timothy J. Nagle.
An earlier blog post analyzed a draft Executive Order on critical infrastructure cybersecurity. A newer version of the order is similar to its predecessor, but the ultimate goals remain: using existing regulatory authority, improving information sharing, developing a “voluntary” framework of standards, incentivizing (or punishing?) owners and operators of critical infrastructure, and protecting privacy and civil liberties. All owners and operators may be impacted, but those that are specifically targeted by threats, or that present catastrophic consequences if their function is interrupted, should expect to change their business and compliance processes.
Please click here to read the issued Client Alert.