Trump Administration Grapples with Proposed Cybersecurity Executive Order
On January 31, 2017, media outlets reported that an executive order on cybersecurity would join the growing list of executive orders issued by President Donald Trump in the first weeks of his administration. A draft of the executive order, titled Strengthening U.S. Cyber Security and Capabilities, leaked on January 27, 2017. It contained a number of new cybersecurity mandates for federal agencies and outlined new management structures to address cybersecurity concerns. The draft tasked the White House Budget Office with assessing potential cybersecurity risks within the executive branch and held cabinet secretaries and agency heads responsible for updating and securing their department’s information technology systems. The draft also elevated the role of the Defense Department in civilian cybersecurity to mirror that of the Department of Homeland Security. Some DHS officials criticized this decision, asserting that private companies would prefer to work with DHS rather than the military. The signing, however, was abruptly cancelled without explanation after President Trump met with technology and cybersecurity experts on January 31.
Since January 31, revised drafts of the executive order have been leaked but a formal signing has yet to be scheduled. While the new drafts share many similarities with the original, critics of the newer drafts questioned the exclusion of a proposed “workforce development review . . . to understand the full scope of U.S. efforts to educate and train the workforce of the future” – something which was a key component of the original draft. Additionally, the new drafts make no mention of cybersecurity qualifications or training for staffers. Others note that the drafts place too much focus on cyber attackers and neglect the risks associated with improper disposal of obsolete devices. Many expected the Administration to reveal the finalized order during the RSA Conference – one of the nation’s largest computer security conferences – in mid-February. However, at the time of publication, no officials from the Trump Administration have attended the conference and the administration has not revealed the finalized executive order.
Sources and Further Reading:
- Here’s the Full List of Donald Trump’s Executive Orders – NBC News
- Cyber Security Executive Order Signing Cancelled – CBS News
- Read the Trump Administration’s Draft of the Executive Order on Cybersecurity – The Washington Post
- Draft Trump Order ‘Kicks the Can Down the Road’ on Cybersecurity – Foreign Policy
- Update 2 – Trump to Order Departments to Beef up Cyber Security – CNBC
- Trump Outlines Plan to Tighten Government Cybersecurity, Postpones Order – NBC News
- Trump Order May Give Pentagon Bigger Role in Cybersecurity – The Guardian
- Cyber Executive Order, a Reasonable Step Forward, Yet More Remains to be Done – The Hill
- White House Withholds Cyber-Security Order for Further Revision – EWeek
- Trump Reps Skip Big Cyber Security Conference, a Break with Past – USA Today