(May 23, 2017 – Jennifer Ortega) On May 11, President Trump issued the Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, which aims to modernize federal agencies’ information technology infrastructure and risk management.
Under the order, heads of federal agencies will now be held accountable by the President for implementing risk management measures appropriate for the risk to and significance of the information technology and data held by the agency. These measures must follow the National Institute for Standards and Technology’s (NIST) cybersecurity standards. The order also calls on agencies to issue risk management reports detailing their efforts to implement the NIST standards to the Office of Management and Budget, which will then determine if the agencies’ reports are sufficient.
Additionally, the Executive Order calls for several reports on measures that could be taken to strengthen the cybersecurity of critical infrastructure, reduce the threat of botnets to the nation’s networks, and improve the skilled cybersecurity workforce through improved training programs.
The Executive Order is seen as a positive development by many in the cybersecurity community. It moves cybersecurity into the spotlight, emphasizing its importance, while also ensuring the issue continues to be bipartisan.
Jen Ortega serves as a consultant to EDUCAUSE on federal policy and government relations. She has worked with EDUCAUSE since 2013 and assists with monitoring legislative and regulatory proposals across a range of policy areas, including cybersecurity, data privacy, e-learning, and accessibility.