Government agencies must assess the state of American cybersecurity education and workforce training as compared to other leading nations, according to an updated version of a long-delayed Trump administration cybersecurity executive order.
Other elements of the recent executive order draft are broadly similar to an earlier version floated in February, though some of the language has been changed significantly, especially on a plan to foster international cooperation in cyberspace.
Those similar elements include mandating federal agencies adopt cybersecurity best practices outlined in the National Institute of Standards and Technology’s cybersecurity framework and a requirement that government leaders be held accountable for cyber lapses at their agencies.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
Paul Rosenzweig, a former top Homeland Security Department cyber official, Wednesday posted the updated version of the order to the national security blog Lawfare.
The White House was initially scheduled to publish the cybersecurity executive order in the first weeks of the Trump administration, but then abruptly pulled it. The order is currently “in a holding pattern” after being “leapfrogged” by Monday’s executive order creating an American Technology Council with President Donald Trump at its head, an industry source told Nextgov.
Since the initial planned publication date, Trump has appointed Rob Joyce, a former top National Security Agency cyber defender, as his White House cybersecurity coordinator and launched a task force that will examine modernizing outdated and vulnerable government technology, among other issues led by his son-in-law Jared Kushner.
The order’s new workforce section directs Homeland Security Department, the Pentagon, the Education and Labor departments and the Office of Personnel Management to report to the president within four months about the “scope and sufficiency of efforts to educate and train the American cybersecurity workforce of the future, including cybersecurity-related education curricula, training, and apprenticeship programs, from primary through higher education.”
The order also orders the director of national intelligence to review cyber education and training programs of the U.S.’ cyber peers and “identify foreign workforce development practices likely to affect long-term U.S. cybersecurity competitiveness.”