Clapper doubts Trump cyber order will get needed resources

Clapper doubts Trump cyber order will get needed resources
© Greg Nash

Former director of national intelligence James Clapper said Thursday that he doubts a forthcoming executive order from the Trump administration on cybersecurity will come with authorities and resources needed to implement it.

Clapper credited the administration for pursuing the executive order to strengthen cybersecurity of federal networks and critical infrastructure, but did not express much optimism that its goals would be achieved.

There has been high anticipation for the executive order since the White House cancelled its planned signing in late January. Subsequent drafts have been circulating, as the administration has been working to revise it. 

Clapper spoke alongside other former officials in testimony before the Senate Armed Services Committee on cyber policy and strategy Thursday morning.

ADVERTISEMENT

“The Trump administration understands preparing a new executive order and strengthening the cybersecurity of federal networks and critical infrastructure, emphasizes accountability, managing government IT architectures,” Clapper told the Senate panel.

“What I expect is, though, that the accompanying authorities and resources will not match these bold goals.”

Drafts of the order show the White House holding agencies accountable for their own cybersecurity and mandating that they abide by cybersecurity framework developed by the National Institute of Standards and Technology (NIST). 

Clapper on Thursday urged the administration to develop a way to measure agencies’ progress on cybersecurity. 

“Even if the agencies in the government complied with this forthcoming executive order in both the spirit and substantively, we will still have no recognized standardized way to measure whether we are more secure or not,” Clapper said. “To me, this is a major deficiency that needs to be addressed.” 

The White House has indicated that it plans to develop a way to monitor agencies’ cybersecurity efforts. In March, White House adviser Tom Bossert said that the administration plans to develop metrics to track federal agencies’ implementation of the NIST cyber framework.   

Still, President Trump has not taken many concrete steps on cybersecurity since taking office, prompting frustration among some on Capitol Hill. 

Sen. John McCainJohn Sidney McCainMeghan McCain on Pelosi, McCarthy fight: 'I think they're all bad' Democrats seek to counter GOP attacks on gas prices Biden nominates Jeff Flake as ambassador to Turkey MORE (R-Ariz.), who chairs the Armed Services Committee, chided the president earlier this week for missing a self-imposed deadline for creating an anti-hacking plan within 90 days of taking office. 

Lawmakers have spoken with urgency about the need for the new administration to develop a comprehensive strategy on cybersecurity, including means of deterrence and response. 

“The threat is growing, yet we remain stuck in a defensive crouch, forced to handle every event on a case-by-case basis, and woefully unprepared to address these threats,” McCain said Thursday. 

“We keep talking about a policy and a doctrine and it never seems to happen,” Sen. Angus KingAngus KingOvernight Health Care: CDC advises vaccinated to wear masks in high-risk areas | Biden admin considering vaccine mandate for federal workers Four senators call on Becerra to back importation of prescription drugs from Canada Senate falling behind on infrastructure MORE (I-Maine) said. A policy, he said, “has to start with the president.”