Trump has a cybersecurity plan and it needs your help
February 1, 2017 Leave a comment
By Lloyd McCoy Jr., DOD manager
We got a sneak peek this week into what the Trump administration is thinking about with its cybersecurity strategy and it appears there won’t be a major departure from previous administrations.
What I was able to glean from the draft is that it reaffirms cybersecurity as a preeminent national interest and its emergence as a new domain, comparable to air, land, sea and space. In order to protect this interest, the order endorses the “full spectrum” of capabilities to defend U.S. cyber interests, suggesting a policy that embraces both cyber-defensive and offensive toolsets.
In line with the previous two administrations, the order also emphasized protecting both public and private critical infrastructure. While none of this is a major departure, there are a couple of provisions in the draft order that impact the IT community.
Cyber vulnerabilities review
The Trump administration calls for initial recommendations by March 30 of ways both national security systems (military and intelligence related) and public and private critical infrastructure can be better protected.
The unsigned executive order also asks agencies to compile a list of the most urgent vulnerabilities.
With a tight deadline looming ahead, government agencies will absolutely require industry input since they are often the ones on the frontlines defending against cyber threats to government networks and critical infrastructure assets. This is a good time to get in front of senior leaders across government and talk about not only where you see areas for improvement but also the tools you think the government needs to patch up critical vulnerabilities and address increasingly advanced threats.
Cyber adversaries review
The draft executive order also calls for a report on the identities, capabilities and vulnerabilities of the most common cyber adversaries to U.S. interests.
This suggests to me that we will see a continuation of policies focused on improving proactive or offensive responses to cyber-attacks. As a result, expect more demand for threat intelligence and mapping tools, as well as solutions that identify cyber vulnerabilities in adversaries.
Cyber capabilities and incentives
The last sections of the draft order call for the Department of Defense, the Department of Homeland Security and the National Security Agency, based on the Cyber Vulnerabilities and Cyber Adversaries reviews, to identify initial investments and best practices needed to shore up vulnerabilities in our critical infrastructure and any cyber threats affecting the government’s ability to perform its mission.
The administration is also looking for recommendations on ways the government can encourage private owners of critical infrastructure to “maximize protective measures.” As mentioned before, these reviews represent an opportunity for industry to get in front of government leaders and shape future requirements.
How the Trump administration will ultimately contrast with the previous policies on cybersecurity is unclear but at first glance, it looks like cybersecurity will remain front and center in terms of technology priorities. The scope of this draft order is vast, calling for cybersecurity reviews that crisscross civilian, military, intelligence and private sectors. Industry’s expertise, guidance and recommendations are needed here and more importantly, they will be a key determinant for future cyber investments. We’ll keep you updated on the administration’s cybersecurity strategy and other IT priorities.
For more insight on cybersecurity and Trump administration policies, reach out to immixGroup’s Market Intelligence team.