By Steve Bittenbender
Editor, Government Security News
President Donald Trump on Thursday signed a long-anticipated executive order calling for the federal government to ramp up its cybersecurity measures.
And once the announcement was made, it didn’t take long for cybersecurity experts to chime in with their analysis of the order, which among many things calls on federal agencies to maintain and modernize their information technology infrastructure so threats can be detected more easily and networks are more resilient.
“The executive branch has for too long accepted antiquated and difficult-to-defend IT,” Trump’s order read.
James Carder, the chief information security officer for LogRhythm, said the executive order encompasses many of the recommendations his firm makes to its clients. In particular, Carder, who has nearly 20 years of experience in IT security consulting, said he was pleased that Trump’s directive includes language for funding the improvements and holding officials responsible.
“It’s about time the government and critical infrastructure organizations take cybersecurity seriously,” he said. “Protecting these assets is imperative to protecting the American people and our way of life.”
The Department of Homeland Security has already started some of the groundwork Trump laid out in the order. Three months ago, the agency awarded a contract to Bastille to survey critical infrastructure for both public and private sectors for vulnerabilities from radio-based attacks.
“As so many administrative and process control systems use radio rather than hardwired connections, it is essential that every facility be aware of what’s happening in its airspace as well as on its wired networks,” Bastille CEO Chris Risley said.
Cybersecurity has become a growing concern for American officials as the number of attacks has grown exponentially in recent years. Hackers have targeted such companies as Home Depot and Target as well as federal agencies, including the Office of Personnel Management. The attacks on OPM exposed personal information for more than 21.5 million current and former federal workers and contractors.
Michael Patterson, the CEO of security analytics firm Plixer, noted the OPM breach when he said he thought the order should have included a mandate for agencies to have forensic incident response systems in place that can quickly remedy the situation.
“With the amount of attacks that Government Agencies incur every day, it is not a matter of if, but when hackers will be successful,” Patterson said. “The key is to be alerted and respond as quickly as possible.”
The executive order did not just focus on attacks that compromised personally identifiable information. Trump also called for DHS Secretary John Kelly and Energy Secretary Rick Perry to consult with state- and local-level officials to assess the threats cyberattacks pose to the country’s power supply.
That assessment is due within 90 days, according to the order.
Edgard Capdevielle said he was encouraged to see the country’s electricity infrastructure mentioned specifically in the order. He added that technology is available to help the utility companies become more resilient.
“Innovations such as machine learning and artificial intelligence enable real-time monitoring and anomaly detection that offer critical infrastructure operators better tools to manage cyber risk and minimize disruptions,” said Capdevielle, the CEO of Nozomi Networks. The Swiss-based company provides real-time cybersecurity solutions for major industrial complexes.
Cybersecurity experts have called on government officials to be more willing to share information about the attacks their agencies have endured. In the order, Trump calls for agencies not only to share information with other agencies but also with the country’s allies.
Travis Farral, the director of security strategy for Anomali, called the order a “solid step” forward in bolstering the country’s security. Anomali is a California-based company that helps clients discover and respond to threats.
“When an organization, including the federal government, operates largely in silos, they miss out on a valuable force multiplier by leveraging resources from other agencies through sharing intelligence and other crucial information,” he said. “Threat intelligence sharing should serve as the backbone of a strong cybersecurity program, and with more robust cyber threat information sharing protocols in place, U.S. government agencies can better leverage resources to defend against cyberattacks.”