Donald Trump’s review of America’s cybersecurity misses its deadline

Sad.

Donald Trump's review of America's cybersecurity misses its deadline

Associated Press writes:

After a receiving a U.S. intelligence assessment on Russian’s interference in last year’s elections, President Donald Trump vowed that he would have a team present him with a review of America’s cybersecurity efforts within 90 days of taking office.

But Thursday was the 90-day mark and no plan has been presented. The missed target date, one of several blown deadlines in the administration’s first months, has resulted in uncertainty as to who is running the cyber review and when it might be completed. The White House insisted Thursday that a plan was in the works but did not offer any timetable.

“The president has appointed a diverse set of executives with both government and private sector expertise who are currently working to deliver an initial cybersecurity plan through a joint effort between the National Security Council and the Office of American Innovation,” said spokeswoman Lindsey Walters.

She did not address why the deadline was missed.

Sad.

The 90-days deadline was one of Trump’s own making, saying on January 6th of the need to “aggressively combat and stop cyberattacks”. Oh, and he couldn’t resist saying that the Republicans’ computer systems were much defended than the Democrats’, so nyeaahhh nyeaah!

Trump statement

“While Russia, China, other countries, outside groups and people are consistently trying to break through the cyber infrastructure of our governmental institutions, businesses and organizations including the Democrat National Committee, there was absolutely no effect on the outcome of the election including the fact that there was no tampering whatsoever with voting machines. There were attempts to hack the Republican National Committee, but the RNC had strong hacking defenses and the hackers were unsuccessful.

“Whether it is our government, organizations, associations or businesses we need to aggressively combat and stop cyberattacks. I will appoint a team to give me a plan within 90 days of taking office. The methods, tools and tactics we use to keep America safe should not be a public discussion that will benefit those who seek to do us harm. Two weeks from today I will take the oath of office and America’s safety and security will be my number one priority.”

A week later, Trump returned to the topic of a cybersecurity review within 90 days on Twitter:

Donald tweets 90 days

It now turns out that the phony allegations against me were put together by my political opponents and a failed spy afraid of being sued. Totally made up facts by sleazebag political operatives, both Democrats and Republicans – FAKE NEWS! Russia says nothing exists. Probably released by “Intelligence” even knowing there is no proof, and never will be. My people will have a full report on hacking within 90 days!

Giuliani Readers may recall that days before his inauguration as US President, Donald Trump announced that Rudy Giuliani would be heading-up his cybersecurity team. Within a matter of hours, security researchers found a number of fundamental security problems with the website of Giuliani Partners, “an international security consulting firm.”

Sign up to our free newsletter.
Security news, advice, and tips.

As you’ve probably guessed, Rudy Giuliani is the chairman and CEO of Giuliani Partners.

However, as AP points out, Giuliani does not seem to be involved in Trump’s cybersecurity review, so the blame can’t lie with him for its late delivery.

Of course, that does raise the question of exactly who is in charge of the cybersecurity review.

If Politico is to be believed, no-one is quite sure

Answers on a postcard, please. It’s safer than email these days.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

3 comments on “Donald Trump’s review of America’s cybersecurity misses its deadline”

  1. drsolly

    This is cyber. Cyber is difficult. And when was a cyber deadline ever met?

  2. Arnold Schmidt

    It's real simple. If you're going to shoot your mouth off about things of which you know nothing, as The Donald constantly does, then the result is that nothing useful will get done. Look what we have to look forward to in the next 4 years.

  3. Thomas D Dial

    This is just another in a series of mean-spirited carps at Donald Trump. I did not vote for him, or for Clinton. As a US citizen, however, accept the legitimacy of his election under the rules then, and now, in force, just as I accepted the legitimacy of Barack Obama in 2008 and 2012, although I also did not vote for him.

    The executive order requiring a report from the major government departments seems not yet to have been issued. There were articles reporting on the contents of a putative draft in the Washington Post around the first week of February which required things that I judge are relatively easy for departments like the Department of Defense that have established, active, and decently implemented information assurance policy to meet. Departments that are less prepared may have more difficulty or find it impossible to meet those requirements. Their pushback, through their respective cabinet secretaries, may be part of the reason that the order has not yet been signed.

    In any case, the order will become effective when it is issued, or at a later date specified within it, not earlier. Continuing the drumbeat of criticism for alleged presidential failures serves no purpose beyond catering for the opinions of those who still feel aggrieved by Trump's electoral victory and are ignorant of the realities of politics and the difficulty of managing a very large organization in which many actors have substantial independent authority, power, and the ability to call on outsiders for support.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.