Robert Joyce, the new Cybersecurity Coordinator and Special Assistant to the President at the White House, said the release of the Executive Order is due “very soon” at a cybersecurity event at Georgetown last week.
In outlining the cyber challenges facing the federal government, he compared the Department of Defense with the Bureau of Reclamation. He asked the audience to draw a mental picture: the Bureau of Reclamation manages and protects 53 hydro plants with lots of technology. The challenge, according to Joyce: Ensure that the Bureau has the same cyber defensive capabilities as the Department of Defense, noting cyber safety of the country is only as strong as the weakest link.
Joyce emphasized that the President will hold the heads of agencies responsible for cybersecurity. “Cybersecurity isn’t the domain of the IT department or even the chief information security officer,” Joyce said. “That leadership from the top is what is going to make us safe.”
He cited three administration cybersecurity priorities.
The first–to protect critical government and military systems—must be focused on a comprehensive risk management approach to cybersecurity. The leadership must come from the top and early discovery and contained impact are key. As part of this approach, the entire government must be viewed as a single enterprise.
To that end, Joyce’s office will be involved in the new Office of American Innovation’s effort to integrate cybersecurity into a program to modernize the federal government’s information technology platforms.
The second priority—to secure critical infrastructure—will not only be focused on improving protections, but will also focus on improving resilience. He specifically pointed to the importance of driving down the risk from distributed attacks such as from IOT bonnets.
The third priority—international cybersecurity—recognizes that international law applies and will work to ensure voluntary norms are enforced in cyber space.
“We will not allow us to put ourselves at risk from the malicious use of cyber.” Joyce emphasized.
Another key enabler to ensuring the nation’s cyber safety is a workforce development, he said.
Turning the private sector, Joyce pointed to a White House meeting with seven CEOs of corporations who said cybersecurity was an existential threat that would lead their companies to “cease to exist.”
Join us for the 8th Annual Billington CyberSecurity Summit Sept. 13 in Washington, D.C. when top CIOs, CISOs and federal officials will examine the cybersecurity priorities of the Trump administration.