New Executive Order Changes Cybersecurity Requirements for Federal Agencies
U.S. President Donald Trump signed an executive order today to bolster the government’s cybersecurity and protect critical infrastructure from cyberattacks.
The White House said the order aims to improve the network security of government agencies, after a period of broad breaches and the theft of millions of personal records, and to enhance protection of critical infrastructure such as the energy grid and financial sector, Reuters reports.
The order requires federal agencies to follow the NIST Cyber Security Framework, which was developed during the previous administration and offers recommendations, best practices and advice for enterprises looking to improve their cyber risk awareness and security, as well as detection, response and recovery.
Along with utilizing the NIST Framework, heads of federal agencies must prepare a report within 90 days documenting how they will implement it.
The Obama administration encouraged the private sector to adopt the voluntary framework, but it did not require government agencies to do so.
President Trump has asked agencies to review their federal workforce’s cyber talent, an area facing significant shortfalls recently. The order calls for an examination of the impact of moving agencies toward a shared information technology environment, such as through cloud computing, and it urges voluntary cooperation with the private sector to develop better strategies to combat cyberattacks.
The full executive order is available to read here.
Learn more about the NIST Cyber Security Framework in Cyber Tactics columnist Steven Chabinksy's series: "Inside the NIST Cyber Security Framework."