President Donald Trump signed an executive order designed to strengthen the cybersecurity of the federal government that will require National Institute of Standards and Technology (NIST) to provide a cyber-security process framework that all federal agencies comply with.
The White House-released document entitled: “Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure” imposes a 90-day process for the implementation of a cybersecurity framework on all Federal agencies. National Institute of Standards and Technology (NIST), a non-regulatory body charged with developing cybersecurity standards for the federal government, is charged with the development of the framework the agencies must follow.
Trump’s executive order also says that risk management will be handled by the government as an “executive branch enterprise” because it has “for too long accepted antiquated and difficult-to-defend IT.”
During the phone call with reporters announcing the order Thursday, Homeland security adviser Tom Bossert explained that Trump’s order fulfills his pledge to “keep America safe, including in cyberspace” and added that “I think the trend is going in the wrong direction on cyberspace.” He specifically mentioned the threat from China, the country believed to be behind a massive cyber data theft from the Office of Personnel Management that compromised the sensitive personal information of roughly 21.5 million people.
The order had been expected for months, but was delayed. It follows months of hacking accusations: the U.S. intelligence community accused Russia of orchestrating a campaign of cyberattacks; and Democratic political organizations and high profile officials in Hillary Clinton’s campaign suffered embarrassing revelations on WikiLeaks.