President Trump on Thursday signed an executive order on cybersecurity that aims to bolster the cybersecurity of federal networks and the critical infrastructure of the U.S.
The cybersecurity order has long been anticipated as Trump balked on signing a cybersecurity order mere days into his presidency.
The order has three major components: protecting federal networks, cybersecurity of critical infrastructure and promoting cybersecurity workforce development.
As expected by experts, it continues an approach espoused by the Obama administration that leans on public-private partnerships. Effective immediately, each agency has been ordered to adopt the National Institute of Standards and Technology's framework of cybersecurity standards, which was released in 2014, followed by a draft update in January. The voluntary framework was created as a "set of industry standards and best practices to help organizations manage cybersecurity risks." If a successor document is published, then agencies must abide by that.
Trump's order pushes for a higher degree of centralization and will hold department heads accountable for managing cybersecurity risk management and modernization for IT and data as part of an "executive branch enterprise."
Speaking about the cyber order during the White House press briefing on Thursday, Tom Bossert, Trump's homeland security adviser, referred to the data breach at the Office of Personnel Management in 2014, in which it is estimated that hackers stole records for up to 21.5 million people.
Bossert said agency will not only have a responsibility to protect their own networks, but will also have a responsibility to identify risks and share that information with the White House.
"That executive order among other things is going to keep his promise that he has made to the American people to keep America safe, including in cyberspace," Bossert said.
Bossert noted that the U.S. has seen an uptick of attack not only from the country's enemies, but also allies. "Sitting by and doing nothing is no longer an option," he said.
Asked if the Russian hacking interference in the U.S. election was the impetus for the order, Bossert asserted that it was not.
"No, it was not a Russian-motivated issue," he said. "It was a United States of America-motivated issue."