There has been a leaked draft of President Donald Trump’s cybersecurity executive order emphasizing the need for the entire executive branch to compare the standing of the USA’s cybersecurity capabilities with the capabilities of the rest of the world. According to an earlier draft previously obtained by MeriTalk, “The executive branch has for too long accepted antiquated and difficult to defend IT and information systems,” the order states. “Effective immediately, it is the policy of the United States to build a more modern, more secure, and more resilient Executive Branch IT architecture.”
According to the leaked order, the president is now asking executives to draft several reports, which can be used to compare these factors.
- Each agency head will provide a risk management report to the secretary of Homeland Security and the director of the Office of Management and Budget within 90 days of the date of this order. Then the secretary of DHS, secretary of Commerce, the director of OMB, and the administrator of General Services will report to the president on how to secure the executive branch’s networks. Reed Cordish, assistant to the president for Intragovernmental and Technology Initiatives, will coordinate a report to the president from these executives regarding modernization of IT. Agency heads are required to show preference in their procurement for shared IT services to the extent permitted by law, including email, cloud, and cybersecurity services.
- The secretary of Defense and the director of national intelligence will be in charge of IT modernization for national security networks.
- The secretary of Homeland Security, the secretary of Defense, the attorney general, the director of National Intelligence, and the FBI director are tasked with leading the efforts to secure the nation’s critical infrastructure. They will provide a report to the president, which will state a plan for how to secure these networks within 180 days of the executive order.
- The secretary of DHS will examine the efficacy of the existing cybersecurity policies and make recommendations for any changes that need to be made.
- The secretaries of Commerce and Homeland Security will consult with the secretary of Defense, the attorney general, the director of the FBI, the chairs of the Federal Communications Commission and Federal Trade Commission, and other interested agency heads, about how to combat automated cybersecurity attacks such as denial of service attacks, and will submit a publicly available report within 240 days.
- Within 90 days of the date of this order, the secretaries of State, Treasury, Commerce, Homeland Security, and Defense, the attorney general, and the United States trade representative, in coordination with the director of national intelligence, shall jointly submit a report on the nation’s options for deterring adversaries and better protecting the American people from cyber threats.
- The secretary of State will be required to submit a report on international cybersecurity policy priorities.
- The secretaries of Commerce and Homeland Security, in consultation with the secretaries of Defense, Education, and Labor, the director of the Office of Personnel Management, and other executive branch agencies identified by the secretaries of Commerce and Homeland Security, will address the state of education of the cybersecurity workforce and present a report to the president within 120 days.
- The director of national intelligence will submit a report to the president on the education of the international cybersecurity workforce within 60 days.
- The secretary of Defense, in coordination with the secretaries of Homeland Security and Commerce, will write a report on the scope and sufficiency of U.S. efforts to ensure U.S. national security-related cyber capability advantage within 150 days of the order.
By working with a FedRAMP compliant Cloud Service Provider (CSP) such as Project Hosts, Inc. you are always at the forefront of highly secure cloud computing solutions. FedRAMP SaaS compliant solutions offer innovative and holistic security solutions and features that protect against foreign threats, attacks and cyber crimes – enabling you to quickly detect and respond to attacks should they occur.