
Biden administration releases ambitious cybersecurity executive order
Though lacking in definitional clarity, this new executive order might be more effective than past federal efforts, especially in the wake of the Colonial Pipeline attack.
Capping a dramatic week that saw major oil pipeline provider Colonial Pipeline crippled by a ransomware attack, the Biden administration released a highly anticipated, far-reaching and complex Executive Order on Improving the Nation’s Cybersecurity. The executive order (EO) aims to chart a “new course to improve the nation’s cybersecurity and protect federal government networks.”
The ambitious document uses the SolarWinds and Microsoft Exchange supply chain hacks and the Colonial Pipeline ransomware infection as springboards for a series of initiatives that aim to minimize the frequency and impact of these kinds of incidents. These initiatives are:
- Remove barriers to threat information sharing between government and the private sector, particularly ensuring that IT service providers can share security breach information with the federal government.
- Modernize and implement stronger cybersecurity standards in the federal government, including a move to cloud services and zero-trust architectures, along with multi-factor authentication (MFA) and encryption mandates.
- Improve software supply chain security, including establishing baseline security standards for the development of software sold to the government. The Commerce Department must publish minimum elements for a software bill of materials (SBOM) that traces the individual components that make up software.
- Establish a cybersecurity safety review board consisting of government and private sector experts who convene following a significant cybersecurity incident to make recommendations, much like the National Transportation Safety Board (NTSB) does in the aftermath of a major transportation accident.
- Create a standard playbook for incident response so that all federal agencies work from the same playbook and set of definitions.
- Improve detection of cybersecurity incidents on federal government networks by enabling a government-wide endpoint detection and response (EDR) system and improved information sharing within the federal government.
- Improve investigative and remediation capabilities by creating cybersecurity event log requirements for all federal agencies.
This article appeared in CSO Online.