Despite a recent flurry of strategy documents and executive orders, the Trump administration does not have a cohesive cybersecurity strategy, according to a new report from Congress' watchdog agency.
The Government Accountability Office said in a September report that cyber proposals from the Trump administration have not included enough details about the White House’s unified plan for cyber.
“The federal government has been challenged in establishing a comprehensive cybersecurity strategy and in performing effective oversight as called for by federal law and policy,” the report said, singling out the administration’s foreign and domestic plans.
The report, “Urgent Actions Are Needed to Address Cybersecurity Challenges Facing the Nation,” comes after the Trump administration has laid out a series of proposals to overhaul cyberspace operations in recent months.
President Donald Trump has changed the rules for how America operates in cyberspace. The Department of Homeland Security and the State Department have both laid out new cyber proposals. And the U.S. national security strategy has envisioned a new role for America in cyberspace.
But perhaps the best example of the Trump administration’s commitment to cyberspace came in July, when Vice President Mike Pence spoke at the Department of Homeland Security’s national cybersecurity summit in New York.
“Our administration has taken decisive action to fortify America’s cybersecurity capabilities,” Pence said, mentioning new partnerships, additional funding and a new risk management center at the Department of Homeland Security.
But for the authors of the non-partisan GAO report, the proposals did not amount to a cohesive plan.
“Most of the strategy documents lacked clearly defined roles and responsibilities for key agencies, such as DHS, the Department of Defense (DOD), and OMB,” the government watchdog said.
Members of Congress have made similar complaints.
“Our cybersecurity responsibility is spread across 72 different inspectors general,” said Sen. Sheldon White House, D-R.I., during an Aug. 21 hearing. “We need the equivalent of a roving inspector general for cybersecurity who can conduct penetration tests, FISMA audits (and) cybersecurity evaluations.”
However, more change may be underway. Officials from the White House and Department of Homeland Security have previewed a “cybersecurity moonshot” that aims to make digital security a household issue in the U.S. More details are expected in the coming months.
Justin Lynch is the Associate Editor at Fifth Domain. He has written for the New Yorker, the Associated Press, Foreign Policy, the Atlantic, and others. Follow him on Twitter @just1nlynch.