Three financial services trade organizations had mixed reactions to an executive order, signed by President Trump last week, that calls for a massive review of cybersecurity efforts in government agencies, requires agencies to use one set of cybersecurity risk-management standards and holds agency heads accountable for protecting data. ­­

Within the next 90 days, heads of executive departments and agencies must provide risk-management reports — some of which may be classified — to Homeland Security and the Office of Management and Budget detailing how they manage cyber-risks, what changes they plan to make, and what cybersecurity risks they’re willing to accept.

According to the order, agencies must also adopt the National Institute of Standards and Technology’s Framework for Improving Critical Infrastructure Cybersecurity, first issued in 2014, to manage cybersecurity risk.

“The executive branch has for too long accepted antiquated and difficult–to-defend IT,” the order said.

 

continue reading »