Trump’s draft cyber order: Review vulnerabilities, adversaries, options

AP17027661907524.jpg

President Donald Trump speaks during a news conference with British Prime Minister Theresa May, Friday, Jan. 27, 2017, in the East Room of the White House in Washington. (AP Photo/Evan Vucci)

In what has been a busy first week of laying out potential policy agendas for the 45th presidency, President Donald Trump is taking aim at cybersecurity, a stated, yet vague promise of his for some time.

A draft executive order, obtained by the Washington Post, notes “America’s civilian government institutions and critical infrastructure are currently vulnerable from both state and non-state actors.”

The order provides a three-pronged approach toward addressing cyberspace in the form of reviews, plus an additional report on how to encourage cybersecurity in the private sector.

Review of cyber vulnerabilities

  • Deliver initial recommendations for protection of national security systems within 60 days of the order.
  • Deliver initial recommendations for enhanced protections of civilian federal government, public and private sector infrastructure and national security systems with 60 days of the order.
  • Recommendations will include steps to ensure agencies are organized, tasked, resourced, and provided with necessary legal authority to meet mission needs.
  • Co-chaired by the Secretary of Defense, Secretary of Homeland Security, Director of National Intelligence, Assistant to the President for National Security Affairs and the Assistant to the President for Homeland Security and Counterterrorism.

Review of cyber adversaries

  • Deliver a first report on identities, capabilities and vulnerabilities of principal cyber adversaries within 60 days of the order.
  • Co-chaired by the Director of National Intelligence, Secretary of Homeland Security, Secretary of Defense, Assistant to the President for National Security Affairs and the Assistant to the President for Homeland Security and Counterterrorism.

Review of U.S. cyber capabilities

  • The review will identify initial sets of capabilities needing improvement to adequately protect critical infrastructure.
  • Recommendations will include steps to ensure agencies are organized, tasked, resourced and provided with necessary legal authority to meet mission needs.
  • Co-chaired by Secretary of Defense, Secretary of Homeland Security and the Director of the National Security Agency.

Report on private sector infrastructure incentives

  • Deliver options to incentivize private sector adoption of effective cyber security measures within 100 days of the order.
  • Co-chaired by the Secretary of Commerce, Secretary of the Treasury, Secretary of Homeland Security and Assistant to the President for Economic Affairs.

The White House has stated “Cyberwarfare is an emerging battlefield, and we must take every measure to safeguard our national security secrets and systems. We will make it a priority to develop defensive and offensive cyber capabilities at our U.S. Cyber Command, and recruit the best and brightest Americans to serve in this crucial area.”

President Trump had announced in December the selection of Thomas Bossert to serve in the White House as his cybersecurity advisor. Bossert, previously served as deputy assistant to the president for homeland security in the Bush administration. His appointment was lauded by many cybersecurity experts as he enjoys great respect within this community.

Shortly before taking the oath of office, President Trump announced that former New York City mayor and close adviser Rudy Giuliani would serve as an informal adviser “sharing his expertise and insight as a trusted friend concerning private sector cyber security problems and emerging solutions developing in the private sector,” a statement from the transition team said.