During the election cycle Donald J. Trump was billed as quick and decisive, someone who likes to move fast. This has proven true as his first few weeks have seen a flood of executive orders such as the Muslim ban, the promotion of Steve Bannon to the U.S. National Security Council and the repeal of transparency rules for oil companies.
Which is why it's strange that President Trump has delayed an executive order to improve the United States' cyber defense measures. Especially since, unlike many of his orders, it's relatively free from controversy.
While the U.S. waits for a national policy on this crucial subject, private businesses can boost their cyber protection with an insurance policy from CyberPolicy. If a hacker is able to breach your defenses, it won't spell the end of your company.
Executive Inaction
Trump was expected to sign the cybersecurity order on January 31st, but canceled the signing without explanation. The original order was meant to hold government department chiefs more accountable for security failings and require senior officials to implement cybersecurity defense framework developed by the National Institute of Standards and Technology (NIST).
These common-sense regulations were generally well received. In an interview with The Register, Richard Stiennon, author and chief strategy officer of Blancco Technology Group, said, "The concept of holding cabinet secretaries and agency heads accountable for the cybersecurity of their organizations is a good one."
Still, there were some concerns that the executive order did not address election systems as critical infrastructure; something especially concerning following Russia's interference in the 2016 presidential election on behalf of the now President.
However, the latest draft of the cyber protection order has morphed into something much longer (over 2,200 words) and calls for no fewer than 10 reports! By comparison, President Barack Obama's 2013 executive order on Improving Critical Infrastructure Cybersecurity ran 3,000 words and required only three reports.
So what does the new draft say? Much of the same, to be honest, but it gives much greater detail on the list of individuals involved and the specific tasks each are given. The gambit of reports require input from several government agencies including the DHS, the FBI, the attorney general, the FCC, the FTC and more.
The breadth and depth of this document is surprising for the Trump administration since the president prefers pithy and image-heavy briefing documents (when he takes them). A subsequent article from The Register claims the decision to put the cyber protection order on hold was "a direct result of the disastrous rollout of the immigration ban" that caused chaos nationwide.
While we do not know when the executive order will be signed, we can assume that the current draft will likely see new edits as it moves through cross-department hands. In the meantime, there are things your organization can do to improve its cyber protection.
Consider investing in cyber policy insurance to protect your company's most valuable assets from cybercrime and data breach. Make an executive decision safeguard your business. Visit CyberPolicy today!
