Trump on Cyber

FROM THE EDITORS AT CYBERSECURITY VENTURES

Q1 2017

TrumpOnCyber.com provides a non-partisan diary of U.S. President Donald Trump’s cybersecurity platform. From press conferences to government reports, this is a comprehensive summary of the administration’s developing policies in the area.

FIRST EDITION

Inaugural edition of Trump On Cyber covers the first 100 days

moragMorag McGreevey

Menlo Park, Calif. – Mar. 31, 2017

Cybersecurity Ventures announces Trump On Cyber — a new quarterly in our diary series.

Prior to taking office, President-Elect Trump spoke to the Retired American Warriors PAC in Herndon, Va., and said “Cyber theft is the fastest growing crime in the United States by far. As President, improving cybersecurity will be an immediate and top priority for my administration. One of the very first things I will do is to order a thorough review of our cyber defenses and weaknesses.”

We pick it up from there.

THE DIARY

March

Mar. 31. Russian cyber attacks on Trump White House have not stopped, with prominent Republicans, including House Speaker Paul Ryan and Sen. Marco Rubio, being targeted by coordinated social media attacks.

Mar. 30.  President Trump extended Obama’s executive order on cyber attacks for another year, allowing the government to issue sanctions against people and organizations engaged in cyber crime against the U.S.

Mar. 28. The House voted in favour of blocking internet privacy rules passed by the Federal Communications Commission last year, sending the bill to President Trump who is expected to sign it into law. This bill passed in the House 215 to 205; 15 Republicans voted against it.

Mar. 28. A group of MIT researchers lead by Joel Brenner, former inspector general of the National Security Agency and head of U.S. Counterintelligence in the Office of the Director of National Intelligence, have released a set of eight key cybersecurity recommendations for President Trump.

Mar. 27. Rep. Devin Nunes (R-Calif.) leveled charges that the intelligence community collected information on members of President Trump’s transition team. This allegation drew criticism from Democrats, because he went directly to the White House to inform President Trump before first briefing the House Intelligence Committee.

Mar. 27. NATO was set to spend over $3.2 billion to support the coalition’s cybersecurity and satellite communications programs over the next three years. The funds are pending approval by the 28 governments, including the Trump administration who has repeatedly criticized the effectiveness of NATO.

Mar. 23. The U.S. Chamber of Commerce is making several cybersecurity recommendations for the Trump administration, including soliciting private sector input for a new cybersecurity strategy and modernizing the government’s IT infrastructure.

Mar. 20. Director James Comey confirmed that the FBI is investigating Russian attempts to interfere with the 2016 elections through cyber attacks and other methods, including any relationship between members of Donald Trump’s campaign and Moscow.

Mar. 19. President Trump’s first budget as president put forward $1.5 billion for cybersecurity spending.

Mar. 16. President Trump’s budget blueprint for the federal government proposes $61 million increase for the FBI and Justice Department in 2018 to better combat cybercriminals.

Mar. 16. That same budget blueprint repeatedly cites “effectiveness, efficiency, cybersecurity, and accountability” as a goal.

Mar. 16. Retired Gen. Michael Flynn was paid $11,250 by Russia’s top cybersecurity firm, Kaspersky, in 2015, according to new documents obtained and published by the House Committee on Oversight and Government Reform on Thursday.

Mar. 14. President Trump is poised to select Rob Joyce, the currently chief of the National Security Agency’s secretive Tailored Access Operations (TAO), as his White House Cybersecurity Advisor.

Mar. 12. The House Intelligence committee is asking the Trump administration for evidence that phones in Trump Tower were tapped during the election campaign, after President Trump tweeted “Terrible! Just found out that Obama had my ‘wires tapped’ in Trump Tower just before the victory. Nothing found. This is McCarthyism!”

Mar. 10. The New Democrat Coalition, a group of 30 Democratic lawmakers, sent a letter to President Trump “to highlight the importance of making smart cybersecurity investments, which will more than pay off in the long run.”

Mar. 9. Trump administration leaves key cybersecurity jobs vacant: of the nine agency-level Chief Information Officer (or CIO) roles that are politically appointed, only one is currently filled .

Mar. 8. FBI Director James Comey says that he plans to serve out his entire 10-year term, despite controversy over President Donald Trump’s claims that the Obama administration wiretapped his phones. “You’re stuck with me for another 6-½ years,” said Comey during a cybersecurity conference.

Mar. 6. Industry officials are reviewing the Trump administration cybersecurity executive order, which has been delayed for over a month, when he abruptly cancelled the signing without explanation. This may be a sign that he is coming closer to releasing the order.

Mar. 6. President Trump declared it National Consumer Protection Week, underscoring the need to increase awareness about cyber crime.

Mar. 3. Russian foreign minister blasted the scandal around links between President Trump’s presidential campaign and the Kremlin. Echoing President Trump’s words, he decried the media frenzy as a “witch hunt.”

Mar. 3. President Trump named Grace Koh the special assistant for technology, telecom and cybersecurity. Koh, who previously served as Deputy Chief Counsel to the Subcommittee on Communications and Technology of the Energy and Commerce Committee in the U.S. House of Representatives, is now officially the senior staff member in charge of technology and cybersecurity.

Mar. 1. Top lawmakers on the House Intelligence Committee have set the parameters of their investigation into Russia’s interference in the U.S. election, which includes potential contacts between President Trump’s campaign and Moscow.

February

Feb. 28. Former Indiana Senator Dan Coats sought to reassure lawmakers that he will capably lead the intelligence community, despite some conflicting signals from the Trump administration.

Feb. 27. President Trump said that his first budget proposal would feature major increases to national security spending offset by “greater savings and efficiencies” to federal government spending.

Feb. 20. House Oversight and Government Reform Committee Rep. Ted Lieu, D-Calif., called for an investigation into the personal cybersecurity practices of President Donald Trump and his staff.

Feb. 18. The Trump administration has been consulting technology industry leaders prior issuing its delayed order on cybersecurity.

Feb. 14. Retired General Keith Alexander described a recent meeting with President Trump during which cybersecurity issues were discussed with members of his inner circle: “The President’s demeanor changed to what you would expect of a corporate CEO. […] He listened. He took what they said, restated it, went on to next thing and allowed everyone to talk.”

Feb. 13. President Trump and Canadian Prime Minister Justin Trudeau committed to working together on cybersecurity during their first meeting in Washington, D.C.

Feb. 13. In contrast with previous years, representatives from the White House did not attend the RSA Conference, an important San Francisco-based cryptography and information security-related conference.

Feb. 13. Michael Flynn, the top advisor on the National Security Council, is also under fire after publications reported that Flynn spoke with Russian Ambassador Sergey Kislyak about economic sanctions, despite Flynn’s repeated denials.

Feb. 7. U.S. Homeland Security Secretary John Kelly said he backed a decision in the Obama administration to designate elections systems as critical infrastructure in order to boost their cyber defenses, after the government concluded Russian hackers tried to influence the 2016 presidential race.

Feb. 5. Israeli Prime Minister Benjamin Netanyahu, who is scheduled to visit the White House on Feb. 15, states that strengthening cybersecurity ties between nations will be a top priority.

Feb. 2. Defence Department civilian jobs critical to cybersecurity are safe from the government-wide hiring freeze. A memo from the office of Deputy Defense Secretary Bob Work states that jobs “required for execution of the cyber and intelligence lifecycle operations, planning or support” are exempt from the freeze.

Feb. 1. President Trump delayed signing an executive order to initiate a government-wide review of the nation’s cybersecurity policy led by the Department of Defense and the Department of Homeland Security.

Feb. 1. President Trump told reporters that he will hold “cabinet secretaries and agency heads accountable, totally accountable, for the cybersecurity of their organization.”

January

Jan. 31. President Trump states that before he signs the executive orders for cybersecurity reform, he will hold a “listening session” with cybersecurity experts.

Jan 30. The leaked draft copy of the executive order on cybersecurity is notable because it diminishes the role of the FBI and makes no mention of protecting election systems.

Jan. 27. Washington Post published a draft executive order titled “Strengthening US Cyber Security and Capabilities” to be signed by Donald Trump. The order fleshes out the “cyber review” promised by the President during the election campaign.

Jan. 26. President Trump is considering executive orders calling for the review of parts of the US national security infrastructure, including how the nation addresses cybersecurity threats.

Jan. 25. Cybersecurity adviser Rudy Giuliani states that President Trump has identified Israel as a key partner in the US’s cybersecurity efforts.

Jan. 25. President Trump’s blanket civilian hiring freeze may hurt federal agencies struggling to recruit enough skilled cybersecurity professionals for the nation’s digital defenses.

Jan. 20. Treasury nominee Steven Mnuchin is “very concerned about the lack of first-rate technology at the IRS” and cites the need for cybersecurity and staffing upgrades.

Jan. 13. The Senate Intelligence Committee announced that it will be launching a bipartisan inquiry into Russian intelligence activities, including looking into whether President-elect Donald Trump’s allies were in contact with Russia.

Jan. 12. Rudy Giuliani confirms that he will coordinate regular cybersecurity meetings between President-elect Trump and private sector tech leaders.

Jan. 6. President-Elect Trump disparaged US Intelligence Agencies in relation to suspected Russian hacking during the election lead up, but he also expressed “tremendous” respect for the work that they do. He claimed that Russian hacking had no effect on the election outcome.

Jan. 6. The President-Elect stated that there were Russian attempts to hack the GOP did not impact the election because the Republican National Committee had stronger cyber defences.

Jan. 5. A taskforce of bipartisan lawmakers released a report recommending a detailed cybersecurity agenda for the incoming Trump administration.

Jan 4. President-elect Donald Trump nominanted Wall street lawyer Jay Clayton as the next chairman of the Securities and Exchange Commission. Clayton has a background in cybersecurity, helping to lead Sullivan & Cromwell’s cybersecurity practices.

Jan. 1. President-Elect Trump stated “I think that computers have complicated lives very greatly … we have speed, we have a lot of other things, but I’m not sure you have the kind of security you need.”

Morag McGreevey is a freelance writer covering cybersecurity, national security, VC deals, and investing.

grayfooterline

© 2016-2017 Cybersecurity Ventures. All rights reserved. Federal copyright law prohibits unauthorized reproduction of this Report by any means and imposes fines up to $150,000 for violations. Reproduction in whole or in part in any form or medium without expressed written permission of Cybersecurity Ventures is prohibited.