Obama Signs Executive Order Encouraging Private-Sector Companies To Share Cyber Security Information

President Barack Obama asked for more collaboration and the open sharing of information between private-sector companies and the U.S. government at the White House Cybersecurity Summit at Stanford today.

While pushing for that collaboration, he admitted it would be a challenge to both keep up with cyber threats and protect American’s right to privacy at the same time. “Protecting the American people while making sure government is not abusing its capabilities is hard. The cyber world is sort of the Wild Wild West and to some degree we are asked to be the sheriff,” he told a crowd at the Memorial Auditorium.

To encourage the sharing of information between the government and private industry in case of cybersecurity threats, Obama signed an Executive Order at the end of his speech. One of those provisions encourages information sharing and analysis organizations (ISAOs), which would serve as points of contact for information sharing between the government and the private sector.

The order added the Department of Homeland Security to the list of government organizations that would be able to approve the sharing of classified information and ensure that proper information is shared between entities.

Obama said in his speech that neither the government nor the private sector could take on cyber threats alone and that they would need to come together to share information as partners.

The big question here is whether the private sector will be willing to offer this information. Many companies are still reeling from Edward Snowden’s revelations that they were handing over consumer information to the U.S. government and have since taken measures to encrypt data, even from themselves.

Obama acknowledged the challenge to protect American citizens from cyber threats, but at the same time protect their right to privacy. He mentioned companies such as Symantec, Intel and PG&E as stepping up and using the government’s new Cybersecurity Framework, but likened the process of technological development to building a cathedral.

“[T]hat cathedral will not just be about technology but about the values we have embedded in this system. It will be about privacy and security and about connection. A magnificent cathedral and we’re all going to be a part of that,” he said.