Leaked U.S. cybersecurity order focuses on workforce development

The latest draft of the Trump administration’s cybersecurity executive order focuses on modernizing federal IT systems and holding departmental heads responsible for maintaining adequate security.

While hopes were high that the order would be signed earlier in the administration’s tenure, the date keeps getting pushed back. Rumors have picked up once again this week, following the latest leaked version of the draft.

The most recent draft — like earlier drafts — guides agencies to apply NIST’s cyber risk management framework to their information assets. As we wrote last week, NIST’s cybersecurity framework was designed to help agencies of all sizes better protect their technology through standards, guidelines and good practices. The idea is that agencies first need to prioritize assets and then develop a plan to protect them.

In the newest version of the order, the Office of Management and Budget remains in charge of agency risk assessments. Also staying the same is the call to develop a national cyber-deterrence strategy.

However, the latest draft takes a turn by putting a focus on cybersecurity skills. In section 3 of the order, it states that “the United States seeks to support the growth and sustainment of a workforce that is skilled in cybersecurity and related fields, as the foundation for achieving our objectives in cyberspace.” How that policy comes to be implemented we’ll know over time.

The cybersecurity skills gap is something U.S. experts in both the private and public sector have noted as a competitive challenge. A survey from the Ponemon institute found that only 26 percent of organizations have the in-house cybersecurity skills needed to deploy and manage cybersecurity technologies.

This executive order aims to change that by directing agency heads to review the current state of cybersecurity training efforts and identify ways to improve them. It also calls on the director of national intelligence to look at how foreign nations are developing their cybersecurity workforce and how that may affect long-term competitiveness.

While the highly anticipated cybersecurity executive order has been slower to the President’s desk than expected, the administration has been filling the staff roles necessary to drive policy forward once the order is signed. The Hill provides a rundown here in Five key players for Trump on cybersecurity.


Hopes rise for U.S. executive order confronting cybersecurity

U.S. to share supply chain threat intel with industry

8 must-reads about the email hack that potentially influenced the U.S. election


  1. […] Leaked U.S. cybersecurity order focuses on workforce development […]

Speak Your Mind


This site uses Akismet to reduce spam. Learn how your comment data is processed.