On Friday, President Trump signed a significant memorandum aimed at enhancing the cybersecurity of National Security Systems (NSS) in the United States. The National Security Presidential Memorandum-12 (NSPM-12) introduces new governance and accountability measures to strengthen the protection of these critical systems.
Strengthening National Security Systems
The NSS encompasses the most critical computer systems in the nation, integral to processing classified information and supporting military and intelligence missions. The memorandum ensures that NSS operated by civilian agencies receive protections equivalent to those owned by the government.
The directive outlines a proactive cybersecurity policy for the United States, emphasizing the need for an adaptive and resilient cybersecurity ecosystem to counteract sophisticated cyber threats. It aims to protect the nation from persistent cyber adversaries.
Reestablishment and Modernization of CNSS
The memorandum revitalizes the Committee on National Security Systems (CNSS), modernizing it to establish baseline cybersecurity requirements for all NSS. The CNSS will oversee cybersecurity directives, issue emergency guidelines, and promote coordination and information sharing across government agencies.
The CNSS is tasked with leveraging the combined expertise and resources of key federal cybersecurity leaders, including the Federal Chief Information Officer and the Director of the National Security Agency (NSA), to ensure robust defenses for NSS.
Implementation and Oversight
Under NSPM-12, the NSA Director will assume the role of National Manager for NSS, tasked with providing technical guidance and recommendations on incident response. The Policy Coordination Committee will collaborate with the CNSS to assess the cybersecurity posture of NSS.
Within three months, the CNSS is expected to revise directives, outline a strategic roadmap, and prioritize policy areas. Agencies are required to maintain and annually update an inventory of the NSS they operate, ensuring transparency and accountability.
This initiative marks a pivotal step in fortifying the nation’s cybersecurity infrastructure, aiming to close any gaps and mitigate vulnerabilities in critical systems.
