He pledged in January to quickly develop a program for countering hackers, but no one seems to know who’s in charge of developing it or where it is.
President-elect Donald Trump was very clear: “I will appoint a team to give me a plan within 90 days of taking office,” he said in January, after getting a U.S. intelligence assessment of Russian interference in last year’s elections and promising to address cybersecurity.
Thursday, Trump hits his 90-day mark. There is no team, there is no plan, and there is no clear answer from the White House on who would even be working on what.
It’s the latest deadline Trump’s set and missed — from the press conference he said his wife would hold last fall to answer questions about her original immigration process to the plan to defeat ISIS that he’d said would come within his first 30 days in office.
Since his inauguration, Trump’s issued a few tweets and promises to get to the bottom of Russian hacking — and accusations of surveillance of Americans, himself included, by the Obama administration.
Meanwhile, more contacts between Trump aides and Russian officials have surfaced — including some omitted from sworn testimony and official forms — and the committee chairman overseeing the inquiry being run by the House got so entangled with the Trump administration that he had to step aside.
Trump did start early with an event on cybersecurity, convening a meeting on Jan. 31 in the Roosevelt Room featuring Rudy Giuliani, who’s leading a group tasked with building private sector partnerships on cybersecurity. “We must protect federal networks and data. We operate these networks on behalf of the American people and they are very important,” Trump said in his remarks then, not addressing a coinciding executive order that was announced to be signed that day but that was abruptly pulled without explanation.
That appears to have led to some confusion about responsibility for the anti-hacking plan in the White House. The National Security Council would normally be involved in creating such a report. But on Wednesday, a NSC spokesperson told POLITICO that he was unaware if the NSC was in charge of compiling it, or if that responsibility fell to Giuliani — or if the report exists.
Giuliani is continuing his work talking to the private sector, but a spokesperson for the former New York City mayor confirmed that he is not involved in any 90-day report.
The White House spokesperson wouldn’t directly address why the deadline was missed.
“The president has appointed a diverse set of executives with both government and private sector expertise who are currently are working to deliver an initial cybersecurity plan through a joint effort between the National Security Council and the Office of American Innovation,” said Trump deputy press secretary Lindsay Walters, referring to the office run by Trump’s son-in-law and top aide Jared Kushner.
Trump made the deadline promise repeatedly. A week after the initial statement, he tweeted on Jan. 13, “My people will have a full report on hacking within 90 days!”
Given the issues at play, cyber security experts worry that missing this particular set deadline could have significant consequences and speaks to deeper concerns about the White House not grappling with clear threats.
“It would set an unfortunate precedent to miss the president’s first important cyber-related deadline,” said Michael Sulmeyer, director of the Harvard Belfer Center’s Cyber Security Project and former director of Cyber Policy Plans and Operations at the Defense Department.
“Ever the critic on the campaign trail, Trump and his cyber team now have the responsibility to keep the country safe from cyberattacks,” Sulmeyer said. “Given so much attention on North Korea this past week, and that North Korea conducted one of the most serious cyberattacks against the United States, we should expect the new administration to be on the case.”