Last week President Trump signed an executive order to bolster our nation’s cybersecurity and maintain and strengthen U.S. cybersecurity capabilities.
The order addresses the network security of U.S. government agencies, enhances the protection of infrastructure like the financial sector and the energy grid, and provides guidelines for developing a more robust cyber deterrence strategy.
As accusations of hacking and cyberattacks by Russia and China continue to pile up, and scores of people and institutions suffer embarrassing revelations on WikiLeaks, the need for cybersecurity has never been clearer. The devastating WannaCry ransomware cyberattacks last week only underscored how desperately we need public and private sector cybersecurity practices that work effectively.
One of the key aspects of Trump’s order is that the National Institute of Standards and Technology (NIST) will be developing the cybersecurity standards that federal agencies must follow, according to a framework it has set up to fulfill five key functions: identify, protect, detect, respond and recover. Each of these functions is divided and subdivided so that concepts can be added or deleted at those smaller levels, which makes the framework more flexible, according to NIST’s Matthew Barrett.
Under the executive order, agency heads will be held accountable for implementing risk management measures that are proportional to the risk and magnitude of harm that unauthorized access and use could cause. All federal agencies will have to abide by NIST’s framework in their efforts to manage their cybersecurity risks. Additionally, the executive order requires agencies to provide a risk management report to the Secretary of Homeland Security and the Director of the Office of Management and Budget within 90 days of the order being signed.
Since this is a cybersecurity compliance standard, it stands to reason that all government contractors and sub-contractors will be affected. While DOD contractors have faced tight cybersecurity standards for years, other businesses operating in the federal space, like those in the health industry, for instance, may have adjusting to do.
This represents both a challenge and a business opportunity for those with the cybersecurity and implementation know-how.
If you’re interested in learning more about how federal agencies can improve their respective data security measures to respond to constantly evolving IT threats and the evolving role of cyber and strategic partnerships, you can attend the Potomac Officers Club’s 2017 Spring Cybersecurity Summit. The Summit will be held on Wednesday, May 24th at the Westin Tysons Corner, located at 7801 Leesburg Pike, Falls Church, Virginia 22043.
Keynote speakers include:
ADM. MICHAEL ROGERS – Commander/US Cyber Command & Director, National Security Agency (NSA) of U.S. Navy
JEANETTE MANFRA – Deputy Under Secretary for Cybersecurity and Communications (Acting), Office of the Under Secretary, NPPD of the DHS
RON PONTIUS – Deputy to the Commanding General U.S. Army Cyber Command of the DoD