The IT Law Wiki


Government Accountability Office, The 2013 Cybersecurity Executive Order: Overview and Considerations for Congress (CRS Report R42984) (Mar. 1, 2013) (full-text).


In February 2013, the White House issued an executive order designed to improve the cybersecurity of U.S. critical infrastructure (CI). Citing repeated cyber intrusions into critical infrastructure and growing cyberthreats, Executive Order 13636, Improving Critical Infrastructure Cybersecurity, attempts to enhance security and resiliency of CI through voluntary, collaborative efforts involving federal agencies and owners and operators of privately owned CI, as well as use of existing federal regulatory authorities.

The issuance of the executive order in the absence of congressional action raises several questions that are addressed in this report:

  • What are the kinds of threats to the national security and economic interests of the United States that the executive order is intended to address?
  • What steps does it take to address those threats?
  • What is the legislative and constitutional authority for the executive order?
  • How do its provisions relate to those in the major legislative proposals in the 112th and 113th Congresses?