President Trump extends cyber attack national emergency

President Trump has extended the cyber attack national emergency – originally declared by President Obama in April 2015 – that was set to terminate on April 1. Trump said: “[S]ignificant malicious cyber-enabled activities continue to pose an unusual and extraordinary threat to the national security, foreign policy and economy of the United States.” He did not mention election security. 

In December 2017, Trump issued an executive order to address the nation’s cybersecurity state of emergency. In February 2018, he proposed a 2019 fiscal year budget devoting substantial funds to IT modernization and cybersecurity. 

In an email reported in The Washington Times, the administration included a quote from House Communications Subcommittee Chair Marsha Blackburn (R-Tenn.), who was a member of Trump’s transition team: 

“On the House Committee on Energy and Commerce, we’ve made great strides to close the digital divide and increase the expansion of broadband nationwide. … The Communications and Technology Subcommittee, which I chair, has been working hard on a large broadband infrastructure package. … It is essential that we continue to find ways to increase access to broadband.” 

The president intends to apportion $50 billion to rural infrastructure, leaving it up to states to determine whether or not they want to allocate it for rural broadband. The White House has been criticized for not devoting more to its broadband infrastructure, but has defended its approach, saying that states are free to allocate 100% of that money for broadband. 

Protect your organization’s confidential information 

Organizations should take effective measures to protect personal information and the systems that process it. An information security management system (ISMS) is a good way to ensure your organization is taking adequate steps to mitigate risk and ensure business continuity in the event of a data breach. 

ISO 27001 is the international standard for ISMS best practice. Achieving ISO 27001 certification from an independent body demonstrates that an organization is doing all that it can to protect personal, sensitive, and private data. 

Free webinarAssessing compliance: the ISO 27001 ISMS internal audit

An internal audit is an effective way to evaluate how well your ISMS is functioning. It is also one of the requirements for ISO 27001-accredited certification. IT Governance is offering a free webinar on April 4, 2018 from 1:00–2:00 pm EDT, which provides an overview of the internal audit process under ISO 27001. Register for the ISO 27001 ISMS internal audit webinar.