Categories: CyberCrimeSecurity

White House Withholds Cyber-Security Order For Further Revision

An administration burned by the failure of its executive order on immigration to pass legal muster has held up consideration of its next big effort, which is an order on cyber-security. That executive order, something each administration has issued since the George W. Bush presidency, was withheld without explanation on the day it was supposed to be signed.

A look at the original EO as obtained by the Washington Post and the subsequent revision as obtained by Lawfare show substantial differences.

The latest version, which is still a draft, shows two things, one is a wish list from lots of people, and the other which is a more thoughtful approach by someone with actual cyber-security expertise.

The speculation as to why the order was suddenly pulled revolves around a president who was reportedly angry that the immigration order wasn’t well crafted and who wanted to make sure this one was done right.

Trump cybersecurity

The new version of the EO does several important things. First, it makes clear that each agency head and each department secretary has the ultimate accountability for cyber-security. This appears to be done to prevent those heads from passing the buck to their subordinates instead of retaining it in their own hands.

The new EO also speaks clearly about the need to modernize the U.S. government’s antiquated data systems, to keep software and systems updated and to make sure the latest security practices are followed. The order also requires full assessments of government agency’s cyber-security status and to report it to the White House. The Office of Management and Budget would receive the reports and consolidate them for the President.

It’s notable that the revised EO discusses risk management in detail and it discusses the risk of outdated systems. The draft order says, “Known but unmitigated vulnerabilities are among the highest risks faced by executive departments and agencies (agencies). Known vulnerabilities include using operating systems or hardware beyond the vendor’s support lifecycle, declining to implement a vendor’s security patch, or failing to execute security specific configuration guidance.”

The problem with the approach is that it comes from a President who continues to use an older, unsecured, Samsung Galaxy cell phone on a constant basis despite having been provided a secure smartphone like the one used by his predecessor.

Likewise there are reports widely circulating in Washington that the senior White House staff has yet to give up using their personal devices. It’s worth noting that the President’s Android phone is one of those that are vulnerable to being hacked by a single incoming text message.

Still, much of the order argues for a consistently updated federal IT infrastructure, which is something that previous administrations haven’t really tried. But the reason that approach hasn’t been tried  is the difficulty in getting Congress to pay for a comprehensive data system update.

Originally published on eWeek

Quiz: What do you know about Trump and technology?

Continues on Page 2…

Page: 1 2

Wayne Rash

Wayne Rash is senior correspondent for eWEEK and a writer with 30 years of experience. His career includes IT work for the US Air Force.

Recent Posts

TikTok ‘Halts E-Commerce Expansion Plans’

TikTok reportedly scraps plans to expand TikTok Shop livestream commerce in Europe and US after…

8 hours ago

European Parliament Passes Landmark Tech Regulations

European Parliament votes to adopt Digital Markets Act and Digital Services Act, but campaigners warn…

9 hours ago

Indian Economic Police Raid Offices Of Smartphone Maker Vivo

Indian economic crime agency Enforcement Directorate raids dozens of locations across India belonging to China's…

11 hours ago

French Music Service Deezer Slumps On Market Debut

Spotify and Apple Music competitor Deezer falls below opening price after long-delayed IPO in Paris…

11 hours ago

Foxconn Expects Stronger Sales In Spite Of Economic Gloom

iPhone manufacturer Foxconn revises full-year expectations upward amidst strong consumer and data centre demand, bucking…

13 hours ago

Samsung ‘To See Profits Jump’ On Data Centre Demand

Industry analysts expect Samsung's profits to jump 15 percent for the second quarter as strong…

13 hours ago