Trump Signs Cybersecurity Order

President Trump has signed an executive order on cybersecurity that aims to bolster the cyber-security of federal networks and the critical infrastructure of the US.

The cyber-security order has long been anticipated as Trump balked on signing a cybersecurity order mere days into his presidency.

The order has three major components: protecting federal networks, cyber-security of critical infrastructure and promoting cyber-security workforce development.

As expected by experts, it continues an approach espoused by the Obama administration that leans on public-private partnerships. Effective immediately, each agency has been ordered to adopt the National Institute of Standards and Technology's framework of cybersecurity standards, which was released in 2014, followed by a draft update in January. The voluntary framework was created as a "set of industry standards and best practices to help organisations manage cyber-security risks." If a successor document is published, then agencies must abide by that.
Trump's order pushes for a higher degree of centralisation and will hold department heads accountable for managing cybersecurity risk management and modernisation for IT and data as part of an "executive branch enterprise.

Speaking about the cyber order during the White House press briefing, Tom Bossert, Trump's homeland security adviser, referred to the data breach at the Office of Personnel Management in 2014, in which it is estimated that hackers stole records for up to 21.5 million people.

Bossert said agency will not only have a responsibility to protect their own networks, but will also have a responsibility to identify risks and share that information with the White House.

"That executive order among other things is going to keep his promise that he has made to the American people to keep America safe, including in cyber-space," Bossert said.
Bossert noted that the US has seen an uptick of attack not only from the country's enemies, but also allies. "Sitting by and doing nothing is no longer an option," he said.
Asked if the Russian hacking interference in the US election was the impetus for the order, Bossert asserted that it was not.
"No, it was not a Russian-motivated issue," he said. "It was a United States of America-motivated issue."

Washinton Examiner:

You Might Also Read: 

Trump Administration's Policy On Cybersecurity:

US Defense Intelligence Agency Upgrades Cybersecurity:

Deterrence & Cyber Attacks On The US Electoral System:

 

« Cyber Crime Drives Up The Cost Of Insurance
What We Know About The WannaCry Cyberattack So Far »

Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

eBook: Practical Guide to Security in the AWS Cloud

eBook: Practical Guide to Security in the AWS Cloud

AWS Marketplace would like to present you with a digital copy of the new book, Practical Guide to Security in the AWS Cloud, by the SANS Institute.

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 5,000+ specialist service providers.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Black Hat Briefings

Black Hat Briefings

The Black Hat Briefings are a series of highly technical information security conferences that bring together thought leaders from all facets of the infosec world.

Versasec

Versasec

Versasec is a leader in identity and access management, providing customers with security solutions for managing digital identities.

Swivel Secure

Swivel Secure

Swivel Secure is an award winning provider of multi-factor authentication solutions.

Experian

Experian

Experian provide software solutions to help organizations prevent identity fraud and crime.

Entreda

Entreda

Entreda offers a unified platform to automate cybersecurity and compliance policy enforcement for your devices, users, networks, applications.

Neowave

Neowave

Neowave designs, manufactures and markets strong authentication solutions based on smart card components and digital certificates.

Finnish Accreditation Service (FINAS)

Finnish Accreditation Service (FINAS)

FINAS is the national accreditation body for Finland. The directory of members provides details of organisations offering certification services for ISO 27001.

Voodoo Security

Voodoo Security

Voodoo Security is a specialized information security consulting firm focused on security assessments, risk and compliance analysis, and cloud security.