Trump Cyber Executive Order Calls for 60-Day Review

President Donald Trump postponed the release and signing of an Executive Order around cybersecurity that calls for a 60-day review systems and critical infrastructure.

President Donald Trump cited the hack of the Democratic National Committee as a “good example” for the need of a stronger cyber security measures for both the private and public sector.

“The Democratic National Committee was hacked successfully, very successfully, and terribly successfully,” Trump commented Tuesday during a White House meeting with Rudy Giuliani, who is expected to be the president’s informal adviser on cybersecurity issues.

The president had planned to sign the Strengthening U.S. Cyber Security and Capabilities executive order Tuesday, but cancelled the signing at the last minute.

During what was billed as a listening session with Giuliani, Trump reiterated earlier claims he had made that the strong cyber security used by the Republican National Committee had fended off hacking attempts. “We had a very strong defense system against hacking,” Trump commented.

Tuesday’s comments come as more light is being shined on the Trump administration’s cyber security plans. On Friday, The Washington Post published the administration’s draft of the executive order.

The draft reveals the White House will be calling for swift review of “national security systems” and critical infrastructure within 60 days of the time the executive order is signed. Within 100 days, the president says he will ask for an assessment based on current threats and vulnerabilities and will call for recommendations on how to incentivize the private sector to adopt effective cyber security measures.

The Trump administration’s approach is in line with efforts made by the Obama administration, which also ordered a 60-day cyber security assessment after the OPM hack.

In the six-page draft executive order, Trump indicates that it will be a priority of the federal government to protect not just government interests but also the private sector.

“Federal Government has a responsibility to defend America from cyber attacks that could threaten US national interests or cause significant damage to Americans’ personal or economic security,” read the draft order.

Civil liberty groups such as the Electronic Privacy Information Center and the Electronic Frontier Foundation declined weigh-in on the executive order, reserving final judgment for the final draft.

“We haven’t see in the (final) EO yet, but EPIC is concerned that the evolving cybersecurity policy of this administration lacks public participation and public oversight,” commented said Alan Butler, appellate advocacy counsel for EPIC. He added, the administration must support a comprehensive investigation of the interference with the 2016 election.

Legal experts commenting on the draft said that compared to other Trump executive orders, this one was tame.

“The biggest surprise is the absence of any mention of the FBI.  We are not sure how to explain this, as the FBI and law enforcement secured an important role in cybersecurity early in the Obama Administration,” wrote Charley Snyder and Michael Sulmeyer, both with Harvard Kennedy School’s Belfer Center’s Cyber Security Project, in a Lawfare Institute blog post.

Snyder and Sulmeyer assert that the FBI has been instrumental when it comes leading Obama-era cyber security policies. “Depriving them of a role in these reviews will be a significant reversal from past years,” they wrote.

The draft executive order has not been confirmed by the White House.

Suggested articles