Assessing the Draft Cyber Executive Order
Our bottom line up front, assuming the text of this draft does not change, is that while the intent of the executive order represents a reasonable start to getting a handle on the cybersecurity challenges that await this administration, this appears to be another case where an executive order has not been coordinated with federal departments and agencies. Compared to other recent orders, this one is fairly tame—for example, we see no attempt to scale back U.S. compliance with international law. But that is a very low bar, albeit one that has been difficult for the new Administration to meet at times. Here, our concern is that the document’s authors are either unaware or dismissive of the substantial equities and capabilities of a broad swath of the government.