I had a chance to read the 6 page Executive Order today (you can read it yourself here and for me, there are two main take-aways:
- The US government is vulnerable, and knows it. What they don’t know – and aim to find out with a newly formed committee, is how vulnerable are they, and what can they do to fix it? I’m happy to see one of the main goals of the new National Security Presidential Directive is to have all responsible agencies properly organized, tasked and resourced with adequate legal authority to fulfill their missions. Because, a huge barrier to becoming more secure, is the discombobulated and independent systems that make up our US Government will constantly hinder progress in securing our nation. So, this is really good.
- The initiative covers – you guessed it – recommendations for the private sector as well. Europe is already enacting their GDPR Framework (General Data Protection Regulation) that will be enforced as of May 2018. Europe has essentially given their private industry one year to drink from a firehose of regulation, which will ensure the privacy and security of data. You know the US will be following suit quickly.
A side note on this Executive Order – I’m thrilled to see the emphasis being placed on the workforce review, so that the initiative for computer science, mathematics, and cyber security education from primary through higher education can best position the U.S. educational system to maintain its competitive advantage into the future. This is about six years behind the curve in my opinion – but finally, we see the makings of a stronger Cyber U.S.