One of the most common critiques of President Donald Trump is his propensity to make promises without being able to see said promises through to completion. This has raised some alarm, particularly as it relates to national security.
Cybersecurity experts, meanwhile, are raising concerns about forthcoming digital disasters; the likes of which we have never experienced before. In the past two years alone we have seen data breaches in the millions, international ransomware attacks, and hacking of democratic institutions. This all begs the question: Why hasn't the president addressed national cybersecurity concerns?
CyberPolicy examines the question below. And while we hope that a national plan is put in place soon, we advise private businesses to protect themselves ASAP rather than wait for top-down action. Cybersecurity education in the workplace is a great place to start.
U.S. Cybersecurity Ain't All It's Trumped Up to Be
You may remember that President Trump was expected to sign an executive order on cybersecurity in late January of this year, at the beginning of his first term in office. The order was meant to hold government department chiefs accountable for security failing. It would also require senior officials to implement a defense framework developed by the National Institute of Standards and Technology (NIST).
All in all, it seemed like a move in the right direction. Who doesn't want more accountability on such a sensitive and important subject? Yet, inexplicably, the order was delayed. Then delayed again. Eight deadlines have come and gone with no action. You might be asking, Why has the signing of this particular executive order been pushed and canceled this many times?
"There is a narrow and fleeting window of opportunity before a watershed, 9/11 level cyberattack to organize effectively and take bold action," the National Infrastructure Advisory Council wrote in a report two months ago. "We call on the administration to use this moment of foresight to take bold, decisive actions."
It probably doesn't help that over a quarter of the members of Trump's cybersecurity advisory council resigned en masse. Among the reasons for the exodus was the administration's "insufficient attention" to possible cyber threats posed to American interests and infrastructure.
One can only speculate why the administration has been inattentive to this issue. But whatever the reason may be, American businesses, consumers, voters, and industries are suffering from this inaction.
Of course, the Trump administration also has advocated on this matter. The American Civil Liberties Union (ACLU) came out in late November praising new cybersecurity rules as "better than Obama's." That's because Trump's rules are more "transparent." The ACLU considers his Vulnerabilities Equities Process (VEP), setting guidelines for the executive branch to identify security gaps, a positive step.
Still, while we wait for a comprehensive plan to trickle down, businesses ought to start making the right choices today. Here are a few strategies to put you on the right track:
Follow these steps to quickly improve your chances of avoiding or surviving a cyberattack or data breach. Visit CyberPolicy for more helpful hints and a free quote on cyber insurance.