Industry experts look forward to the White House’s upcoming cybersecurity executive order because the latest draft promises private and public collaboration on common cybersecurity issues, according to officials from Symantec, RSA, and Palo Alto Networks.
“We’re pleased that the administration is building on the work of the old administration,” Jeff Greene, senior director of global government affairs and policy for Symantec, said in an interview with MeriTalk. “It’s always good to have fresh eyes but you don’t want to throw the baby out with the bathwater.”
Greene said that Symantec was concerned that President Donald Trump’s administration might ignore the work that the Obama administration had already done on cybersecurity; however, this draft shows that the Trump administration is building on that work.
Greene also said that it’s effective to hold agency heads accountable for their cybersecurity posture and not just the chief information officers.
“Cyber is a board-level and a C-level concern,” Greene said. “That’s a good lesson for corporate America as well.”
Greene said that Symantec is particularly interested in the report that the draft asks for on botnet attacks. The topic of automated attacks is a problem for both government and industry.
One change that could happen to this draft is a shift in leadership for the coordination of IT modernization, according to Greene.
“That’s great as long as it happens,” Greene said.
An RSA representative said the company supports the idea of the executive order, which serves to strengthen the nation’s networks. Stephen Ellis, public sector marketing leader for RSA, said that the order needs to contain topics that are relevant today and can be relevant when future cyber threats arise.
“We need policies today that are breathable and flexible,” Ellis told MeriTalk.
Ellis said that it will be important for the White House to include industry goals and expertise.
“Without the private sector’s involvement, then that can be difficult,” Ellis said.
Ryan Gillis, vice president of cybersecurity strategy and global policy at Palo Alto Network, said that the use of NIST’s cybersecurity framework will strengthen agencies’ networks.
“We are encouraged by the approach outlined in the recent versions of the cybersecurity executive order,” Gillis said. “We welcome the order’s focus on cybersecurity risk management and driving the government’s implementation of the NIST Cybersecurity Framework, ensuring agency heads are accountable for their own cybersecurity, empowering and directing OMB and DHS to execute their respective missions across civilian agencies, and tasking key departments to analyze existing threats, vulnerabilities and capabilities.”