Of the 46 tasks President Biden mandated to protect digital government assets, 19 are now completed, though not all agencies have reported their progress.
On May 12, 2021, President Biden released a comprehensive cybersecurity executive order, EO 14028, entitled Improving the Nation’s Cybersecurity. The complex order responded to a chain of startling and damaging cybersecurity incidents that primarily occurred during Biden’s first few months in office.
The EO gave several federal government agencies tight deadlines to produce new rules and guidance on stringent cybersecurity requirements that the White House hopes will better protect government offices from malicious digital activity. In addition, the administration designed the order to spur federal government hardware and software suppliers to ratchet up their security efforts to hang onto their government contracts. The hope is that by exercising the power of the purse, the federal government’s new rules would have a positive spillover effect for private sector organizations, too.
Cybersecurity EO mandates 46 actions
The order requires 46 actions to be carried out by the Commerce Department, the Department of Homeland Security (DHS), the Defense Department (DOD), the Office of Management and Budget (OMB), the National Security Agency (NSA), the Director of National Intelligence, the Attorney General, the Federal Acquisition Regulatory (FAR) Council, and other government-related entities. Exemplifying the whole-of-government approach favored by this White House, virtually all the tasks assigned under the EO require collaboration by multiple government agencies.
Some government agencies, notably the NSA, have made little to no public comment on some or all their tasks under the EO. Therefore, it isn’t easy to gauge how far along some actions are to completion. Moreover, the deadlines for at least 11 of those tasks have yet to arrive.
This article appeared in CSO Online. To read the rest of the article please visit here.