The executive order states that the heads of departments and agencies will be held accountable for managing cybersecurity risk. They are required to use NIST’s Framework for Improving Critical Infrastructure Cybersecurity to manage risk, and they must submit reports to Homeland Security and the Office of Management and Budget (OMB) within 90 days.
John K. Adams, CEO, Waratek:
“Today’s Executive Order is a needed first step, but it is just that…a first step. Executive Orders merely set the tone for the policy and funding work that will follow. And this one has a long tail.
Government measures time in legislative sessions and election cycles. Business leaders in annual budget cycles. Cybersecurity experts measure the passage of time in the numbers of attacks per hour/minute/second. That’s a fundamental disconnect that keeps us from effectively addressing the seemingly endless series of breaches from cyberattacks.
If this Executive Order is successful in creating the platform for all the parties to work together and work faster, it will have been a rousing success. If the status quo does not change, there are a lot of technologists who will continue to hide under their desks out of fear of what’s coming next.”
Read the full article on Security Week here.
