June 9, 2017 By Eli Ben Meir 3 min read

Just days after President Trump signed his executive order on cybersecurity, the massive WannaCry attack dominated the news cycle. The assault infiltrated 150 countries, penetrating national networks and infrastructure.

A breach of such international scale has rightly raised questions about government preparedness for digital warfare. In answering these concerns, Trump’s executive order should not be forgotten. In fact, the White House has taken an important first step toward helping to safeguard America’s cybersecurity stature.

Making Cybersecurity a Real-World Issue

The very fact that President Trump has placed cybersecurity on his administration’s agenda is a powerful statement. For too long, it has been considered the preserve of geeks engaged in a virtual battle. The executive order sent a strong message that what happens in cyberspace has a direct impact on the real world. We can no longer afford to bury our heads in the sand. The fight must be taken up by decision-makers and administrators, as well as technical experts.

But that is not the only sense in which Trump’s directive has created order. The text itself set out a tangible timeline for action. Each government agency is required to carry out a cyber risk assessment, which must be submitted within 90 days. These reports will be subject to scrutiny and, in some cases, oversight will continue all the way up to the president himself. In other words, there is a schedule and a plan of action, which means that the directive is less likely to gather dust on the shelf. Given that WannaCry demonstrated unequivocally how urgently action is required, this represents significant progress.

A Benchmark for a Cybersecurity Strategy

Importantly, the executive order is also explicit on one specific standard to be applied as each agency undergoes its own cyber audit: Agencies have been instructed to use a framework developed by the National Institute of Standards and Technology (NIST), widely regarded as a rigorous benchmark. Holding each federal agency to such a standard creates a yardstick by which to measure vulnerabilities and gauge preparedness. This is a critical first step in creating a forward-thinking action plan. It establishes a basis on which to strategically allocate resources, develop techniques and to deploy specific tools.

Having said all this, the executive order fails to address a number of key areas. For a start, it focuses on federal agencies. But what about individual states? Truly understanding cyberthreats means understanding that networks are linked. There is no neat distinction between federal and state as there is in government. After all, a breach in one state will quickly migrate to the next.

No Safety in Isolation

By the same token, the digital ecosystem not only includes the public sector, but it also crosses the boundary into the private sector, encompassing infrastructure and business. A significant attack on a transit system or power network is likely to cause mass panic and engender a sense of widespread chaos. The implications for public safety and order are clear.

Similarly, should financial institutions be breached, the ripples will be felt across the markets and the economy in general. Consequently, any directive aimed at enhancing national cybersecurity must also include specific guidelines and legislation governing elements of the private sector.

While the NIST benchmark is important, it focuses largely on the technological layers required to fight cybercriminals. Unfortunately, applying technology is no quick fix. Our enemies are becoming more sophisticated all the time, constantly developing new methods of attack. The latest protective tool, by itself, is only a bandage until the next time. Instead, a strong cybersecurity posture requires a holistic approach, which also incorporates best practices and modes of behavior.

Because cyber warfare is so dynamic, cross-agency intelligence sharing is required. It is critical that all relevant bodies are up to date with the very latest threat assessment and on the same page when it comes to combating tomorrow’s dangers. This cooperative approach must be at the heart of any future steps that follow the executive order.

Executive Order on Cybersecurity Starts the Conversation

Perhaps the most significant gap in President Trump’s executive order on cybersecurity is that it does not substantively address future steps. Trump’s directive cannot be treated as a one-time event. The reports mandated cannot be submitted in isolation — they must be the start of an ongoing assessment process. Furthermore, the agencies involved need to take part in ongoing training, simulated war games and other activities to sharpen preparedness.

Nonetheless, this should not take anything away from what is unquestionably a positive development in the fight against fraudsters. But failure to use it as a springboard to a more comprehensive strategy will ultimately place the U.S. at the mercy of those who wish to cause harm. After all, WannaCry was not a one-time event, either.

More from Government

CIRCIA feedback update: Critical infrastructure providers weigh in on NPRM

3 min read - In 2022, the Cyber Incident for Reporting Critical Infrastructure Act (CIRCIA) went into effect. According to Secretary of Homeland Security Alejandro N. Mayorkas, "CIRCIA enhances our ability to spot trends, render assistance to victims of cyber incidents and quickly share information with other potential victims, driving cyber risk reduction across all critical infrastructure sectors."While the law itself is on the books, the reporting requirements for covered entities won't come into force until CISA completes its rulemaking process. As part of…

Important details about CIRCIA ransomware reporting

4 min read - In March 2022, the Biden Administration signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). This landmark legislation tasks the Cybersecurity and Infrastructure Security Agency (CISA) to develop and implement regulations requiring covered entities to report covered cyber incidents and ransomware payments.The CIRCIA incident reports are meant to enable CISA to:Rapidly deploy resources and render assistance to victims suffering attacksAnalyze incoming reporting across sectors to spot trendsQuickly share information with network defenders to warn other…

Unpacking the NIST cybersecurity framework 2.0

4 min read - The NIST cybersecurity framework (CSF) helps organizations improve risk management using common language that focuses on business drivers to enhance cybersecurity.NIST CSF 1.0 was released in February 2014, and version 1.1 in April 2018. In February 2024, NIST released its newest CSF iteration: 2.0. The journey to CSF 2.0 began with a request for information (RFI) in February 2022. Over the next two years, NIST engaged the cybersecurity community through analysis, workshops, comments and draft revision to refine existing standards…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today