Menu
Trump's cybersecurity mystery: 90 days in, where's the plan?

Trump's cybersecurity mystery: 90 days in, where's the plan?

An executive order was shelved without explanation, and a promised cybersecurity report hasn't materialized

On Jan. 6, weeks before he was due to become president, Donald Trump sat down with U.S. intelligence officials for a two-hour briefing at Trump Tower on cyberattacks conducted during the U.S. election. The meeting resulted in a pledge: a plan to counter cyberattacks against the U.S. within 90 days of taking office.

On Wednesday, President Trump marks his 90th day in office with no sign of a report or indication that one is on the way. That’s a surprise, given the recent string of successful, high-profile cyberattacks against the federal government.

Trump underlined the urgency of the situation at a news conference on Jan. 11.

"We're hacked by everybody," he said. "The United States, our government, out of a list of 17 in terms of industries is the worst ... in terms of protection."

It looked like he was determined to get things moving. A day later, he appointed former New York City mayor and early supporter Rudolph Giuliani as a informal advisor on cybersecurity.

A day after that, he again repeated the 90-day pledge in a tweet: "My people will have a full report on hacking within 90 days!"

Despite a rocky start to Trump's time in office, the cybersecurity plan didn't appear to be suffering. Drafts of an executive order were being passed around Washington and refined, signs that the issue was active in the White House.

On Jan. 31, less than two weeks after he had taken office, the executive order was ready to be signed.

The White House scheduled a signing session for 3:15 p.m. that day, and a few hours before that, officials briefed reporters on what the order contained.

The central directive was that the head of each federal agency would be responsible for cybersecurity within their department. It also directed the head of the Office of Management and Budget to assess and manage the collective risk of the federal government.

"I thought it was a very sensible kind of thing," said Paul Rosenzweig, founder of Red Branch Consulting and a former official at the Department of Homeland Security, in an interview this week. "To make managers responsible for the enterprise in ways they weren't and treating the entire federal government as a single enterprise was good."

But Rosenzweig was commenting on a leaked draft of the executive order. The final order was never signed or released.

At noon on Jan. 31, President Trump had lunch with Giuliani and at 1 p.m. Press secretary Sean Spicer told reporters the executive order represented "the first step" the President was taking "to address the new security challenges of the 21st century."

At 2 p.m., the president kicked off a "listening session" on cybersecurity. In the meeting were Giuliani and senior White House staff. Participants included chief strategist Steve Bannon, senior advisor Jared Kushner, Chief of Staff Reince Priebus, Homeland Security Secretary John Kelly, acting National Security Agency Director Mike Rogers and former NSA director Keith Alexander.

It's not clear what happened at lunch or in the afternoon meeting, but the cyber executive order was pulled with no explanation from the White House.

As a result, agency heads were never ordered to produce cyber risk reports that would have been due on Wednesday. It also means a 60-day review of federal government cybersecurity, due to have begun Wednesday, was never ordered.

Since late January, Trump has only taken one major step on cybersecurity. On March 29, he extended by one year special powers introduced by former President Barack Obama that allow the government to issue sanctions against people and organizations engaged in significant cyberattacks and cybercrime against the U.S.

The White House, and Giuliani's security consultancy, didn't respond to requests for comment.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA

Reseller News has honoured the leading female front runners of the New Zealand ICT industry at the 2019 Women in ICT Awards (WIICTA) in Auckland. The awards recognised standout individuals across six categories, spanning Entrepreneur, Rising Star, Shining Star, Community, Technical and Achievement. Photos by Gino Demeer.

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA
Reseller News kicks off awards season in 2019 with Judges' Lunch

Reseller News kicks off awards season in 2019 with Judges' Lunch

The 2019 Reseller News Innovation Awards has kicked off with the Judges Lunch in Auckland with 70 judges in the voting panel. The awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors. Photos by Christine Wong.

Reseller News kicks off awards season in 2019 with Judges' Lunch
Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomed 2018 inductees - Chris Simpson, Kendra Ross and Phill Patton - to the third running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing landscape of the technology industry in New Zealand, while outlining ways to attract a new breed of players to the ecosystem. Photos by Gino Demeer.

Reseller News welcomes industry figures for 2019 Hall of Fame lunch
Show Comments