May 16, 2017
Trump has signed a new executive order targeting the Federal government's somewhat appalling vulnerability to cyber threats, mandating one set of standards to all federal agencies and making the heads of each agency accountable for the security of its network's critical infrastructure.
The order was a long time coming. It was discussed in length when he was due to become president and he promised to release an order within 90 days of taking the office. Trump was initially set to sign the order in January, shortly after he swore in and a press conference was held regarding the issue. Although a draft of the order was prepared, the final order was neither signed or released.
"The United States invented the internet and we need to better use it," Tom Bossert, Trump's homeland security adviser, said at a briefing on the order for reporters. "There will always be risk, and we need to address that risk."
According to the order all Federal agencies and affiliates are supposed to review their existing security infrastructure by following the standards set by The National Institute of Standards Technology and submit a report of the assessment on their risk within 90 days.
Additionally, the order directs that all agencies move their activities to the cloud which can act as one big hub for all federal related cyber activities. All this is being brought into effect in an effort to modernize the present IT infrastructure and to push towards shared IT services which will help them reduce IT costs while improving their overall capability and efficiency.
"We've got to move to the cloud and try to protect ourselves instead of fracturing our security posture," Bossert said, adding: "If we don't move to shared services, we have 190 agencies all trying to develop their own defenses against advanced collection efforts."
Most of the order stresses on reviewing the existing IT infrastructure in various fields and assessing it, and there are lots of it. One for US' general vulnerabilities, one for the country's main adversaries and so on. There is so much to review that US senator John McCain, Chairman of the Armed Services Committee, openly expressed his displeasure towards it in an official statement.
"We do not need more assessments, reports and reviews," McCain said in the statement, insisting that the priority should be "the urgent business of formulating a strategy to deter, defend against and respond to cyberattacks on our nation."
When it comes to cyber capabilities alone, the US falls far short of its adversaries and other cyber superpowers like Russia, the UK and Israel. While Israel boasts of having the most advanced cyber defense in the world, Russia time and again has proved that it is the biggest bully in the playground when it comes to offensive cyber capabilities. Looking at the present international scenario, the US has much to desire in the field.