Trump's cybersecurity mystery: 90 days in, where's the plan?

An executive order was shelved without explanation, and a promised cybersecurity report hasn't materialized

On Jan. 6, weeks before he was due to become president, Donald Trump sat down with U.S. intelligence officials for a two-hour briefing at Trump Tower on cyberattacks conducted during the U.S. election. The meeting resulted in a pledge: a plan to counter cyberattacks against the U.S. within 90 days of taking office.

On Wednesday, President Trump marks his 90th day in office with no sign of a report or indication that one is on the way. That’s a surprise, given the recent string of successful, high-profile cyberattacks against the federal government.

Trump underlined the urgency of the situation at a news conference on Jan. 11.

"We're hacked by everybody," he said. "The United States, our government, out of a list of 17 in terms of industries is the worst ... in terms of protection."

It looked like he was determined to get things moving. A day later, he appointed former New York City mayor and early supporter Rudolph Giuliani as a informal advisor on cybersecurity.

A day after that, he again repeated the 90-day pledge in a tweet: "My people will have a full report on hacking within 90 days!"

Despite a rocky start to Trump's time in office, the cybersecurity plan didn't appear to be suffering. Drafts of an executive order were being passed around Washington and refined, signs that the issue was active in the White House.

On Jan. 31, less than two weeks after he had taken office, the executive order was ready to be signed.

The White House scheduled a signing session for 3:15 p.m. that day, and a few hours before that, officials briefed reporters on what the order contained.

The central directive was that the head of each federal agency would be responsible for cybersecurity within their department. It also directed the head of the Office of Management and Budget to assess and manage the collective risk of the federal government.

"I thought it was a very sensible kind of thing," said Paul Rosenzweig, founder of Red Branch Consulting and a former official at the Department of Homeland Security, in an interview this week. "To make managers responsible for the enterprise in ways they weren't and treating the entire federal government as a single enterprise was good."

But Rosenzweig was commenting on a leaked draft of the executive order. The final order was never signed or released.

At noon on Jan. 31, President Trump had lunch with Giuliani and at 1 p.m. Press secretary Sean Spicer told reporters the executive order represented "the first step" the President was taking "to address the new security challenges of the 21st century."

At 2 p.m., the president kicked off a "listening session" on cybersecurity. In the meeting were Giuliani and senior White House staff. Participants included chief strategist Steve Bannon, senior advisor Jared Kushner, Chief of Staff Reince Priebus, Homeland Security Secretary John Kelly, acting National Security Agency Director Mike Rogers and former NSA director Keith Alexander.

It's not clear what happened at lunch or in the afternoon meeting, but the cyber executive order was pulled with no explanation from the White House.

As a result, agency heads were never ordered to produce cyber risk reports that would have been due on Wednesday. It also means a 60-day review of federal government cybersecurity, due to have begun Wednesday, was never ordered.

Since late January, Trump has only taken one major step on cybersecurity. On March 29, he extended by one year special powers introduced by former President Barack Obama that allow the government to issue sanctions against people and organizations engaged in significant cyberattacks and cybercrime against the U.S.

The White House, and Giuliani's security consultancy, didn't respond to requests for comment.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Martyn Williams

IDG News Service
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?