WASHINGTON—The Information Technology and Innovation Foundation (ITIF), the top-ranked U.S. science- and tech-policy think tank, today released the following statement from Daniel Castro, ITIF vice president, on the Trump administration’s cybersecurity executive order:
We are disappointed to see that this executive order is mostly a plan for the government to make a plan, not the private sector-led, actionable agenda that the country actually needs to address its most pressing cyber threats.
Cybersecurity should be a top priority for the Trump administration. The last administration put together a commission which left a comprehensive set of action items for the new administration to pursue that should have been the starting point for this order. While the executive order checks most of the boxes thematically, it generally kicks the can down the road instead of taking any decisive actions.
We’ll have to wait to see how well this administration can implement its stated goals for cybersecurity. Notably, this order leans heavily on the government for ideas and implementation rather than a public-private partnership approach. This is somewhat surprising given this administration’s belief that the private sector can generally do things better than government. Moreover, the private sector has the deepest bench of cybersecurity talent, so the federal government will likely need to look outside its ranks to stay on top of these issues.
It is a good sign though that the White House included much-needed government IT modernization and consolidation as part of the executive order. While there are many reasons to pursue IT modernization, the administration is likely to have the most success getting this done as a cybersecurity mandate rather than as a push for efficiency.