WASHINGTON (2/14/13)--The Credit Union National Association is encouraged that President Barack Obama's cybersecurity executive order, which was signed this week, offers opportunities for additional coordination between the public and private sectors on cybersecurity and critical infrastructure issues.
"CUNA believes the cybersecurity framework should recognize existing, robust data security standards that are applicable to financial institutions and credit unions," CUNA President/CEO Bill Cheney said.
The executive order includes a broad, general framework intended to improve "critical infrastructure" cybersecurity coordination and information sharing among government agencies and the private sector. The order is consistent with existing, applicable law--it does not provide new legal authority or "provide an agency with authority for regulating the security of critical infrastructure in addition to or to a greater extent than the authority the agency has under existing law."
"Critical infrastructure" is not defined in the order, but could potentially include the power grid, financial market exchanges, and telecommunications networks, CUNA noted.
Under the order, the U.S. Department of Homeland Security will work with sector-specific agencies to identify critical infrastructure and assess cybersecurity requirements. The U.S. Treasury is the sector-specific agency that would oversee the financial sector on cybersecurity, and will work with federal financial regulators including the National Credit Union Administration, CUNA said.
The National Institute for Standards and Technology will coordinate a cybersecurity standards framework.
CUNA continues to assess the impact of the cybersecurity order, and is working with the NCUA, the Financial Services Sector Coordinating Council, BITS, the Treasury and other entities to coordinate on cybersecurity issues, and to ensure that credit unions are not unduly impacted from the cybersecurity framework for critical infrastructure entities. CUNA is also engaged with Congress on any cybersecurity legislation that would provide new legal authority and requirements, such as with liability provisions on information sharing.
For more on the executive order, use the resource link.
Bipartisan cyber threat information sharing legislation was also reintroduced by House Intelligence Committee Chairman Mike Rogers (R-Mich.) and Ranking Member C.A. Dutch Ruppersberger (D-Md.) on Wednesday. The bill, known as the Cyber Intelligence and Sharing Protection Act (H.R. 624), was supported by CUNA last year and passed the House last spring.