Trump signs cybersecurity order
The directive places responsibility on agency chiefs for shoring up and protecting what the White House calls “antiquated and difficult-to-defend” networks.
Under the order, agency heads must review risks to their networks and submit those findings to the secretary of Homeland Security and the director of the Office of Management and Budget by mid-August.
A key tool for assessing those systems, the order says, is the National Institute of Standards and Technology’s Framework for Improving Critical Infrastructure Cybersecurity.
Part of the directive addresses energy, calling on Energy Secretary Rick Perry to collaborate with the Homeland Security chief and director of national intelligence, as well as state, local, tribal and territorial governments, to gauge the potential and duration of a prolonged power outage stemming from a cyberattack.
Perry’s review would also determine U.S. readiness to manage the consequences of such an attack and address shortcomings in its response capabilities.
The end product, which may be classified in full or in part, must be submitted to the president through the assistant to the president for homeland security and counterterrorism program within 90 days.
The electric industry welcomed the order.
Edison Electric Institute President Tom Kuhn said utilities are already working with the government through the Electricity Subsector Coordinating Council (ESCC).
“We value this partnership and appreciate President Trump’s support for improving the security posture of the electric power industry and, by extension, the nation,” he said.