Trump Administration Issues New Executive Order Focused on Strengthening Federal Cybersecurity

Jennifer Archie, Steven Croley, Serrin Turner
Latham & Watkins LLP
Contact
LinkedIn
Facebook
X
Send
Embed

The Trump Administration has issued a much anticipated Executive Order (EO),“Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” directing federal executive agency heads to undertake various cyber-related reviews and to report findings back to the White House within prescribed timetables. Unlike some of the Trump Administration’s executive orders receiving much attention in recent weeks, this new cybersecurity EO does not aim to unwind policies put in place or initiatives undertaken by the Obama Administration. In fact, subsequent steps by the Trump Administration following the new EO may likely build upon the previous Administration’s efforts, which had assigned responsibilities to various executive departments serving as “sector specific” agencies for different sectors (energy, communications, transportation, and so on) with critical infrastructure.

For example, one noteworthy provision of the new EO requires the Secretary of Energy and other executive branch leaders to assess the potential risks of a prolonged power outage resulting from a cyberattack, and to gauge the power system’s readiness to manage such an attack. This direction implicates the Secretary of Energy’s emergency authorities in the event of a cyber incident, about which the Department of Energy has worked with the private sector. To determine whether and how existing authorities and capabilities can best be employed to manage cyber risks, the new EO also tasks the Secretary of Homeland Security and other federal leaders to work more broadly with owners and operators of other critical infrastructure assets for which a cybersecurity event could have catastrophic consequences.

As these examples suggest, in general, the new EO focuses on risk assessment, as opposed to actionable policy steps. Such assessments will inevitably require consultation with private stakeholders who are often at the front lines of cyber risk management. For that reason, the EO seems likely to provide a catalyst for a new round of engagement with the current Administration by private owners and operators of critical infrastructure.

For a more complete analysis of the new cyber EO, see Latham’s forthcoming Client Alert which will include additional detail on the executive order and next steps for industry stakeholders.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Latham & Watkins LLP | Attorney Advertising

Written by:

Latham & Watkins LLP
Latham & Watkins LLP
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Latham & Watkins LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide