Removing Barriers Blog

President Trump Signs Cybersecurity Executive Order
Posted May 11,2017 by CUNA Advocacy

Today President Trump signed a cybersecurity executive order.  The executive order requires reviews of the federal government’s cybersecurity vulnerabilities and directing adoption of specific security practices.  Specifically, it requires all federal agencies to adopt the NIST Cybersecurity Framework as a roadmap for a risk management review.  This review must be conducted within 90 days with the ultimate goal of modernizing and protecting federal agency’s IT infrastructure.  

CUNA generally supports the use of the framework as a tool for credit unions but is concerned that mandatory use by federal agencies could eventually lead to making it a mandatory standard for credit unions and other financial institutions.  

The stated goals of the executive order are to:

1. Secure federal networks

2. Protect critical infrastructure

3. Ensure cybersecurity for the nation

The executive order could impact credit unions as it requires agencies to identify authorities and capabilities that agencies could employ to support the cybersecurity efforts of critical infrastructure entities identified pursuant to section 9 of Executive Order 13636 of February 12, 2013 (Improving Critical Infrastructure Cybersecurity), which covers the financial sector.

In April, CUNA and the Independent Community Bankers of America filed a joint comment letter with the  Department of Commerce, National Institute of Standards and Technology (“NIST”) on their “Proposed Update to the Framework for Improving Critical Infrastructure Cybersecurity.”   CUNA will continue to review the executive order and work with regulators to assess any impact on credit union from this and any other future executive orders.