President Signs Cybersecurity Executive Orders

(February 19, 2016) On February 9, 2016, President Obama signed two executive orders intended to strengthen the government’s cybersecurity defenses and protect citizens’ personal information held by government entities.

The Executive Orders created two new entities, a Commission on Enhancing National Cybersecurity and a Federal Privacy Council. The Commission will bring together leaders from the business, technology, national security, and law enforcement communities. They will be responsible for making “recommendations to strengthen cybersecurity in both the public and private sectors while protecting privacy, ensuring public safety and economic and national security, fostering discovery and development of new technical solutions, and bolstering partnerships between Federal, State, and local government and the private sector in the development, promotion, and use of cybersecurity technologies, policies, and best practices.”

The recommendations are intended to address policies that can be implemented within the next decade. A final report is due to the president by December 1, 2016.

The Federal Privacy Council will be composed of chief privacy officers from 25 federal agencies. The Council will serve as a vehicle for federal CPOs to collaborate on best practices for protecting the data about citizens that the federal government collects and maintains.

The two Orders were released along side the administration’s proposed Fiscal Year 2017 budget. This year the administration included $19 billion for information technology upgrades and other cyber initiatives — a 35% increase from 2016 spending levels.

The President also intends to create a new Chief Information Security Officer position for the federal government. This individual will oversee government-wide efforts to modernize cybersecurity and related information technology.


Jen Ortega serves as a consultant to EDUCAUSE on federal policy and government relations. She has worked with EDUCAUSE since 2013 and assists with monitoring legislative and regulatory proposals across a range of policy areas, including cybersecurity, data privacy, e-learning, and accessibility.