Cyber Security Practitioner
Back to Contents

Volume: 3 Issue: 5
(May 2017)

Keywords:
trump orders us government assess cyber defences 11 may 2017 us president donald trump signed ‘executive order strengthening cybersecurity federal

Jurisdictions:
US

Options:
Share This Page



Trump orders US Government to assess its cyber defences

On 11 May 2017 US President Donald Trump signed the ‘Executive Order on Strengthening the Cybersecurity of Federal Network and Critical Infrastructure’ (‘Order’), imposing stricter cyber security regulation on US federal agencies and executive departments. The Order, which took immediate effect, calls for all agencies and executive departments to implement the NIST’s Framework for Improving Critical Infrastructure Cybersecurity, which was first introduced on a voluntary basis by the Obama administration in 2014. The Order states that ‘Agency heads will be held accountable by the President for implementing risk management measures,’ and that they must file a risk management report to the President outlining their current cyber defences within 90 days of the Order being issued.

The Order outlines the US Government’s plan to reorganise and strengthen its cyber security depending on the results of the risk management reports, describing its aim for agency heads to ‘show preference in their procurement for shared IT services, […] including email, cloud and cybersecurity services.’ Kirk Nahra, Partner at Wiley Rein LLP, questions whether these intentions will be realised. “I expect this Order to result in additional activity to assess the cyber security protections of federal government activities,” comments Nahra, “but it’s not clear if this is really anything different than what has been looked at before.”

The Order also outlines a prospective plan to integrate agencies into one or more shared network architectures in which all IT and cyber security services will be shared, and an additional report from the Director of the American Technology Council will determine the technical, financial, and timeline feasibility of such a plan. Aaron Simpson, Partner at Hunton & Williams, believes that the plan will be effective in strengthening cyber defences. “The Order’s focus on transitioning the federal government to shared, cloud-based IT services could provide these agencies with the greatest security benefits because these services make securing data more efficient and less costly.” Simpson does however note the technological and financial implications of making this happen. “The strength of the agencies’ cyber security programs will ultimately hinge on having sufficient budgets and cyber security capabilities to maintain them […] any tangible solutions that derive from these efforts are likely to be a long way away,” explains Simpson.

As a statement of intent to improve cyber security in the US, Nahra believes the Order was certainly called for. “There is always room for improvement,” said Nahra, “and cyber security requires constant re-evaluation. I doubt they will find too much aggressively wrong, but this is clearly an area where additional resources and expertise are needed.” The agencies that require the most drastic improvements will be prioritised by the Order, and as a result of their identification the US Government will employ cyber security expertise to assist the agencies that need it most.

The risk management reports on current cyber security that the Order mandates must be submitted to the President for review by 9 August 2017.

Search Publication Archives



Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
Sign up for e-mail alerts
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed