As Americans depend more and more on digital communications and information in their work and daily lives, the challenges of protecting the security of information and resiliency of networks in our technology-driven world keep growing and changing. In February 2013, President Obama signed executive order 13636, which first mandated the National Institute of Standards and Technology (NIST) to develop an approach to combat cybersecurity risks against critical infrastructure. One year later, NIST issued its “Framework for Improving Critical Infrastructure Cybersecurity,” which has been widely used by government and private sector organizations.
Now approaching four years since the NIST Cybersecurity Framework was issued, it is undergoing revision, and the Trump administration is implementing a May 2017 executive order on cybersecurity. Meanwhile, cybersecurity continues to grow as an issue in the face of increasingly aggressive exploitation by state actors and cyber-criminals alike, continuing concern about election security in 2018 elections, as well as additional high-profile hacks and data breaches.
On Feb. 14, the Center for Technology Innovation at Brookings held a discussion among key policy leaders on what has happened in U.S. cybersecurity policy since the NIST Cybersecurity Framework came out in 2013, and what lies ahead. Panelists discussed where the United States’ cybersecurity resiliency stands, and what the future holds regarding the implementation of President Trump’s executive order, international engagement, and other policies.
After the session, speakers took audience questions.