Washington, D.C., October 22, 2020 - The Department of Homeland Security describes critical infrastructure as “the physical and cyber systems and assets that are so vital to the United States that their incapacity or destruction would have a debilitating impact on our physical or economic security or public health or safety.” While the Trump administration has seen the establishment of the Cybersecurity and Infrastructure Security Agency through legislation, the presidency of Donald Trump has also been characterized by its high volume of executive orders, which offer key insight into the president’s consideration of both past and possibly future matters of policy. Between January 2017 and September 2020, President Trump signed 189 executive orders, of which nine pertained directly or indirectly to the cybersecurity of critical infrastructure (this compares to the 172 and 147 executive orders signed by Presidents George W. Bush and Barack Obama, respectively, during their first terms).
The Documents
Executive Order 13799 of May 11, 2017 established the Presidential Advisory Commission on Election Integrity with the intention of studying the registration and voting processes used in federal elections to ensure the confidence of the American voter in the integrity of the electoral process. The Commission was tasked especially with studying mechanisms enabling fraudulent voter registrations or fraudulent voting. EO 13799 was revoked, and the Presidential Advisory Commission was terminated, by Executive Order 13820 of January 3, 2018.
Source: govinfo.gov
Executive Order 13800 of May 11, 2017 was the first of President Trump’s executive orders targeted at enhancing the security of federal networks and critical infrastructure. EO 13800 called upon components of the executive branch to address their cyber risk management framework and standardize these efforts in line with the National Institute of Standards and Technology’s Framework for Improving Critical Infrastructure Cybersecurity. Each federal agency is tasked with providing risk management reports to the Secretary of Homeland Security within 90 days of the signing of EO 13800. EO 13800 empowers the Secretary of Homeland Security to act as the nation’s key coordinator for all aspects of critical infrastructure security, including cybersecurity.
Source: govinfo.gov
Executive Order 13833 of May 15, 2018 sought to enhance the effectiveness of executive branch agency chief information officers by empowering agency CIOs to ensure that agency IT systems are secure, efficient, and effective. This goal was addressed both by increasing the scope of the authority of federal CIOs, and by updating and upgrading legacy federal IT infrastructure.
Source: govinfo.gov
Executive Order 13870 of May 2, 2019 sought to promote the development of America’s cybersecurity workforce by enhancing the career mobility and supporting the development of cybersecurity staff in the executive branch. The goals of EO 13870 were therefore to develop and maintain a robust federal cybersecurity workforce by: regularly rotating the assignments of cybersecurity employees to better facilitate knowledge transfer; using aptitude tests to identify current employees to receive cybersecurity reskilling; creating awards and commendations for both uniformed and civilian cyber operators; establishing the President’s Cup Cybersecurity Competition to identify, challenge, and reward the federal government’s best offensive and defensive cybersecurity personnel and teams.
Source: govinfo.gov
Executive Order 13873 of May 15, 2019, which indicated an escalation in the Trump administration’s intention to insulate American information and communication technology (ICT) from foreign adversaries, prohibits the acquisition, importation, transfer, installation, dealing in, or use of any ICT by any person subject to the jurisdiction of the United States where the transaction involves property in which any foreign country or national has any interest, subject to the determination of the Secretary of Commerce that the transaction poses a material national security concern.
Source: govinfo.gov
Executive Order 13913 of April 4, 2020, built upon EO 13897 by establishing the Committee for the Assessment of Foreign Participation in the United States Telecommunications Sector, with the primary objective of assisting the Federal Communications Commission in its public interest review of national security and law enforcement concerns that may be raised by foreign participation in the United States telecommunications services sector.
Source: govinfo.gov
Executive Order 13920 of May 1, 2020 largely mirrors EO 13873 in its prohibition of acquiring, importing, transferring, or installing any bulk-power system electric equipment by any person or with respect to any property subject to the jurisdiction of the United States where the transaction involves any property in which any foreign country or national has any interest where the Secretary of Energy, in coordination with the heads of other executive branch agencies, has determined that the transaction poses a risk to the national security of the United States. The Secretary of Energy is empowered to direct the timing and cessation of any pending or future transactions. EO 13920 established the Task Force on Federal Energy Infrastructure Procurement Processes Related to National Security, which is to be chaired by the Secretary of Energy or the Secretary’s designee, with the purpose of broadly overseeing the intersection of national security and the procurement policies for energy infrastructure.
Source: govinfo.gov
Executive Order 13942 of August 6, 2020, drafted in response to the widespread use of the mobile application TikTok and concerns that the Chinese government may use TikTok for propagandistic or otherwise exploitative purposes, set a timeframe of 45 days after which any transaction by any person or with respect to any property under the jurisdiction of the United States with ByteDance Ltd. of Beijing, China (the parent company of TikTok) is prohibited.
Source: govinfo.gov