On May 11, President Trump signed Executive Order (EO) on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. This is a significant development for U.S. cybersecurity as it represents a concrete call to action for the government to modernize its information technology, beef up its cybersecurity capabilities, protect our country’s critical infrastructure from cyberattacks, and ensure the overall cybersecurity and privacy of the internet for generations to come. The EO also stresses the importance of the growth and sustainment of a workforce that is skilled in cybersecurity as the foundation for achieving U.S. objectives in cyberspace.
This EO was much anticipated. In fact, earlier this year, we, along with many other internet sources, reported that President Trump was expected to sign soon EO on Strengthening U.S. Cyber Security and Capabilities. The “leaked” draft of the expected EO we examined at that time was never signed, and the actual, signed EO on cybersecurity bears little resemblance to the version that circulated on the internet in February.
The signed EO requires various agencies to prepare a number of reports on the current status of cybersecurity and risk management and to present plans for improvement and further development. Because there are tight deadlines associated with these reports, the agencies are already at work on conducting the necessary analysis and developing path forward. With all its robustness, the EO, however, represents a natural progression in strengthening our national cybersecurity and builds upon previous federal efforts. Indeed, the EO expressly ties several of its mandates to the various cybersecurity orders signed by President Obama.