Trump’s Innovative Cyber Policy: “You have less than 90 days”

June 2, 2017 | Views: 4917

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here


If there is one person who approves of Trump’s recently signed executive order, its former president Obama.

Why, you ask? A side by side comparison of Obama’s and Trump’s policy and it’s clear. Trump simply mandated compliance of Obama’s 2013 executive order within 90 days. While his tactic of “do what the other guy did” is nothing innovative for American policy, it does validate the precedent set by his presidential predecessor.

On May 11th Donald Trump signed an executive order carrying forward his predecessor’s policy and mandated that all federal agencies have 90 days to adopt the NIST Cybersecurity Framework, among other requirements. For executives required to adopt the framework, there are a few things you should know. Mainly, how it provides a mechanism for organizations to:

1) Describe their current cybersecurity posture

2) Describe their target state for cybersecurity

3) Identify and prioritize opportunities for improvement within the context of a continuous and repeatable process

4) Assess progress toward the target state

5) Communicate among internal and external stakeholders about cybersecurity risk


No executive administration in America’s history had to confront cybersecurity as a national priority the way Obama did. The myriad of prolific Obama era cyber-attacks were more frequent, farther reaching and sophisticated.

The Obama administration came up with a plan to address the defense of America’s digital infrastructure. It was the first of its kind drafted by a president who recognized the need to secure America’s newly developed cyber frontier. The directive came equipped with the largest multibillion-dollar investment in American cyber security. Intended to establish a cybersecurity framework, the original policy tasked the:

“National Institute of Standards and Technology (NIST) to lead the development of a framework to reduce cyber risks to critical infrastructure.”

The unprecedented legislation also gave rise to a new breed of partnerships between the public and private sector. A partnership rooted not in silos but sharing of information regarding cyber security risks. The result paved way for the first, NIST sponsored, Federally Funded Research and Development Center (FFRDC) known as the National Cybersecurity Center of Excellence (NCCoE). Affectionately known by the industry as “the center”, the NCCoE served as the nexus of collaboration for America’s tech giants, government agencies, and academia to mitigate cybersecurity risks in as they applied to specific economic sectors.

With an overnight budget of $5 billion, The Center cemented itself as a new breed of cyber unicorn, solidifying Obama’s vision for securing the nation’s critical infrastructure.


In January, President Donald Trump committed to developing a national cybersecurity strategy in 80 days. With a large focus on workforce development. The order mandates:

Agency heads shall show preference in their procurement for shared IT services, to the extent permitted by law, including email, cloud, and cyber security services.

Further, the United States seeks to support the growth and sustainment of a workforce that is skilled in cyber security and related fields as the foundation for achieving our objectives in cyberspace.

Workforce Development. In order to ensure that the United States maintains a long-term cyber security advantage:

(A) jointly assess the scope and sufficiency of efforts to educate and train the American cyber security workforce of the future, including cybersecurity-related education curricula, training, and apprenticeship programs, from primary through higher education; and

(B) within 120 days of the date of this order, provide a report to the President, through the Assistant to the President for Homeland Security and Counterterrorism, with findings and recommendations regarding how to support the growth and sustainment of the Nation’s cybersecurity workforce in both the public and private sectors.

(C) review the workforce development efforts of potential foreign cyber peers in order to help identify foreign workforce development practices likely to affect long-term United States cyber security competitiveness”

This long-delayed policy is an effort to secure porous federal networks, create framework focused security activities, and develop a cyber-savvy workforce.


So how does one prepare a cyber-workforce for the future?

Imagine an online platform that provides a combination of training, assessment, and communication. A solution that integrates security assessments into your workforce. A security tool designed to enhance the learning experience. A platform where information sharing actually increases security. A tool that empowers the American workforce. As a member of the National Initiative for Cybersecurity Excellence (NICE) Certifications and Training Workgroup, Cybrary is poised to fill the gap in today’s cyber workforce development.

Start today by assessing your team on NIST’s Risk Management Framework at no cost.

You can learn more about Cybrary’s security training resources including the latest course on the Risk Management Framework here.

Thomas Callahan is a Software Engineer at Cybrary passionate about bridging the cyber security skills gap.


Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. Very interesting and talks about how we can strengthen the cybersecurity workforce by getting into the education institution early stage so that we can empower students to be very much active on cybersecurity world on the threats ,vulnerability , how to protect and be safe. It is everyone’s responsibility to be safe and secure for the future. Obama’s initial thought process gave the right direction to move ahead.
    Overall Great article!

  2. Interesting article, but one thing id like to see when mentioning moves Obama made in Cybersecurity, is also the handing of the Internet over to the UN on September 30th 2016 and how thats gonna play into this as far as what information will be made public and what will be off limits to the public. Nations such as Russia and China have weighed in cryptically on how theyd like to limit what now is governed by the UN. Needless to say itd be interesting to see how far this will go.

    • ICANN is not under the possession of the UN, they are an international NGO based in the US. Though that is what ultimately would have happened if we had not agreed to the amicable compromise of officially separating it from US control. There is a reason that even most of those who helped start the internet came out to support the move away from direct control of the US government, and also acknowledged publically that it changes very little, and nothing noticable to users.

      Go read about the history and practice of IANA and ICANN, they are nothing more than facilitators of consistent domain naming standards. They do not endorse and would not permit the criminal majority of dark web activity/users, for instance, but conecting and policing networks is very far outside the scope of their authority or technical capability.

      Whoever sold you that conspiracy theory either did not understand what they were talking about, or they were trying to create panic.

Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge



We recommend always using caution when following any link

Are you sure you want to continue?