By Steven Weber and Chuck Kapelke
Last month, a ransomware attack—one of the most far-reaching cyberattacks in history—affected thousands of hospitals, corporations, and other institutions in more than 150 countries. As expected, an attack of this magnitude galvanized calls for action to prevent this kind of event in the future.
At least some of the answers can be found, ironically, in the executive order (EO) signed by President Trump the day before the ransomware attack began. That order—titled “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure”—aims to guide U.S. government agencies in securing their digital networks, as well as to better protect critical infrastructure like defense systems and the electric grid.
The EO is not perfect, of course, but it does mark a clear move in the right direction. Criticisms that the EO lacks specifics miss its larger aim. The EO provides a number of essential guidelines and details priorities that institutions should consider in crafting a cybersecurity strategy. Below are a few takeaways....
Steven Weber is a professor in the UC Berkeley School of Information and faculty director of the Center for Long-Term Cybersecurity.