The Cybersecurity Executive Order and Presidential Policy Directive: What Does Success Look Like?

On November 19, the Center for 21st Century Security and Intelligence at Brookings hosted a panel discussion on the 2014 national cybersecurity agenda. Since the publication of Executive Order 13636 and Presidential Policy Directive 21, both aimed at improving the security and resilience of U.S. critical infrastructure, including managing the risks posed by cyberattacks, the main focus on public attention has been on the development of the voluntary Cybersecurity Framework. After the National Institute of Standards and Technology’s recent release of the Preliminary Cybersecurity Framework for comment, attention is shifting to what it will mean and how the wider agenda will move forward. Simply, what does success look like, and what has to happen next to get there?

The expert panel represented the key stakeholders in the development of a national strategy for cyberspace. Acting Under Secretary for National Protection and Programs Suzanne Spaulding spearheads the Department of Homeland Security’s mission to reduce risk to and enhance the resiliency of critical infrastructure; Richard Bejtlich, chief security officer at Mandiant, has more than 15 years of experience in enterprise level intrusion detection and incident response; Allan Friedman, fellow in the Brookings Institution’s Center for Technology Innovation, is an expert on the economics of cybersecurity.

Ian Wallace, visiting fellow in cybersecurity, moderated the discussion.

 Join the conversation on Twitter using #cyber2014.