Trump signs executive order for sweeping review of US cybersecurity
It was originally on his desk to sign in late January.
Today, Trump finally signed an executive order for an extensive review of the US government's cybersecurity, which has been some months coming. He was originally set to sign an earlier version back in January, but postponed it for unknown reasons. A draft of the revised EO surfaced in late April, which was an improvement over earlier versions, cyber experts told Politico -- but today's order essentially maintains the cybersecurity path set by the last two administrations. What it concretely does is order reviews of the government's digital security and report back.
The reviews aim to point out holes in the nation's cybersecurity that have been abused by pranksters, hackers and foreign government-directed data thieves. The EO further directs agencies to adopt better digital safety practices, though details are scarce at the moment pending the full release of the order. The Obama-formed cybersecurity commission's report released in December did recommend specific security-improving policy changes, but it's unclear if today's EO follows those directives.
"Our nation's economic and national security rely on a safe, secure, and reliable cyber space," Secretary of Homeland Security John F. Kelly said in a DHS statement emailed to Engadget. "DHS has long been a leader in protecting our nation against cyber threats and this executive order reaffirms our central role in ongoing cybersecurity efforts. We have developed strong operational relationships with our government partners to protect federal civilian networks and have established trusted partnerships with the private sector to improve the cybersecurity of the nation's critical infrastructure."
The order also commissions a survey to determine the feasibility of transitioning the government's aging individual IT systems into shared services and networks. As Politico points out, 80 percent of the $80 million federal IT budget goes toward maintaining legacy setups.
This will be the first cybersecurity measure ordered by Trump. It comes a week after his previous EO created the American Technology Council, which includes senior Trump adviser and son-in-law Jared Kushner, and gestured vaguely toward modernizing the IT systems and information delivery used by the government. Sources tell Politico that both the Council and Kushner's Office of American Innovation will implement the modernization of the government's IT systems.
Oh, and before you ask: The EO reportedly vowed to improve security against foreign threats, but said nothing about Russia. Yet, on the same day, the Director of National Intelligence told the Senate Select Committee on Intelligence that Russia will continue to be a cyber threat to the US.
