He said the order also aimed to enhance protection of infrastructure such as the energy grid and financial sector from sophisticated attacks that officials have warned could pose a national security threat or cripple parts of the economy.
Unlike many of Trump’s moves, this had a thumbs up from security experts and industry groups, and also lays out goals to develop a more robust cyber deterrence strategy, in part by forging strong cooperation with US allies.
White House homeland security adviser Tom Bossert said the order sought to build on efforts undertaken by the former Obama administration. In fact this sort of deal has Obama’s fingerprints all over it – it sounds good but acutually does not do anything because it is voluntary. Trump's move is more of an enforcement of what the previous government but is effectivtely a "plan to make a plan".
The Obama administration had encouraged the private sector to adopt the voluntary NIST framework. But it did not require government agencies to do so.
Bossert told reporters during a White House briefing: "A lot of progress was made in the last administration, but not nearly enough."
Under the changes, heads of federal agencies must use a framework developed by the National Institute of Standards and Technology to assess and manage cyber risk, and prepare a report within 90 days documenting how they will implement it.
Trump, a Republican, has also asked agencies to review their federal workforce's cyber talent, an area where the government has faced a growing shortfall of qualified personnel in recent years. Bossert said Russia's hacks were not a motivation for the order, adding that "the Russians are not our only adversary on the internet".