Last week, USA Today reported that President Trump had signed, on May 11th, a long-awaited executive order designed to improve the nation's cybersecurity. Trump's homeland security adviser Tom Bossert said the order is designed to fulfill the president's pledge to "keep America safe, including in cyberspace."
The executive order outlines three key priorities for the Trump administration's efforts in cyberspace: Protecting federal networks, updating antiquated and outdated systems, and directing all department and agency heads to work together "so that we view our federal I.T. as one enterprise network," Bossert said.
According to a report from cybersecurity company Thales, 34% of federal agencies experienced a data breach in the last year, and 65% experienced a data breach at some point in the past. Almost all agencies – an astonishing 96% – reported that they considered themselves "vulnerable" to cyberattack, with 48% saying they were "very" or "extremely" vulnerable.
The primary reports the order demands include an assessment of the nation's critical infrastructure, the electrical grid and the Department of Defense's warfighting capabilities. Different agencies and organizations are given different timelines for when these reports must be completed, but most are due within the next 90 to 240 days. The majority of the reports will be filed with the Department of Homeland Security (DHS), though the reports relating to national security through the Secretary of Defense and the Director of National Intelligence. Those may be classified.
With a global shortage of skilled cybersecurity workers, the order asks the Secretary of Commerce, together with DHS, to review the nation's training programs and to increase the ability to procure more cybersecurity specialists.
The executive orders asks the Secretaries of Commerce and of Homeland Security to lead a process that will improve the resilience of the Internet against botnet attacks and dramatically reduce the threat they pose to the nation's communications. A report on the effort is due within one year.
In general, the order treats cybersecurity as a non-partisan issue and has received positive reviews for following the general trajectory of previous administrations.
E-mail: firstname.lastname@example.org Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology