Recap of President Biden’s Cybersecurity Executive Order
President Joe Biden signed an Executive Order on May 12, 2021, in a bid to strengthen cybersecurity in the United States and secure federal agency networks. Recent cybersecurity incidents at SolarWinds, Microsoft Exchange, and the Colonial Pipeline data breaches serve as a grim caution that both nation-state actors and cybercriminals aggressively target US public and private sector enterprises. Inadequate cybersecurity measures, which make public and private sector groups more susceptible to these incidents, are a commonality in these occurrences.
This Executive Order will make a significant contribution to the upgrading of cybersecurity measures. It will serve to secure federal networks and enhance information sharing on cyber concerns between the US government and the commercial sector. It will also improve the federal government’s responsiveness to incidents when they happen.
The Order is the first of a series of bold moves by the Biden administration to update the state’s cyber defenses. The Colonial Pipeline incident for instance is a great reminder that federal action on its own is insufficient. Much of our country’s essential infrastructure is owned and controlled by the private sector, which uses its cybersecurity efforts to manage data breaches. We urge private enterprises to emulate the federal government’s lead and take bold steps to reinforce and streamline cybersecurity efforts to reduce future occurrences. Below is a more detailed discussion on what the Executive Order entails:
Remove Barriers to Threat Information Sharing Between Government and the Private Sector
This Executive Order will ensure that IT Service Providers can exchange information with the government and also certain breach information. IT suppliers are frequently reluctant or unwilling to reveal information about a compromise freely due to contractual requirements. It is vital to remove any contractual obstacles because it allows them to share breach information that could affect government networks. This makes the federal departments more successful in their protection and improvement of the nation’s overall cybersecurity.
Modernize and Implement Stronger Cybersecurity Standards in the Federal Government
The Executive Order aids the government’s transition to secure cloud services and a zero-trust architecture. It also specifies a timeframe for deploying multifactor authentication and encryption. Systems in public and private sectors have been compromised due to outdated security models and unsecured data. The federal government must take the lead in terms of security best practices, such as implementing a zero-trust security model, speeding the transition to secure cloud services, and routinely deploying core security capabilities like multifactor data encryption.
Enhance Software Supply Chain Security
By setting baseline security criteria for creating software sold to the government, the Executive Order will increase software security. Developers would also be obliged to keep greater insight into their program and allow the public to access secure data. It establishes a parallel public-private framework for developing fresh and safe software development techniques. It also exploits the federal government’s procurement power to entice the market.
Finally, it establishes a pilot initiative to generate an energy star label so that the government and the public may rapidly evaluate whether the software has been produced effectively. Too much of our software, even important software, is deployed with serious flaws that our attackers may take advantage of. This is a well-known and long-standing issue that we have overlooked always. We should use the federal government’s purchasing power to force the market to embed security into all software from scratch.
Establish a Cybersecurity Safety Review Board
The Executive Order established a Cybersecurity Safety Review Board, which will be co-chaired by leaders from the public and private sectors. After a cyber-attack, they may all meet to discuss what transpired and give tangible recommendations for strengthening cybersecurity.
Too often, businesses repeat past mistakes and fail to learn from major cyberattack incidents. When anything turns out badly, both the government and the private sector must ask tough questions and make the required changes. The National Transportation Safety Board, which is utilized after airline disasters and other disasters, should be the inspiration for this board.
Create a Standard Playbook for Responding to Cyber Incidents
This Executive Order will establish a uniform playbook and set of terminology for government departments and agencies to follow when responding to cyber incidents. Organizations cannot wait until they have been hacked before deciding how to react. Recent instances have revealed that the maturity level of response strategies within the government varies greatly. The playbook will ensure that all federal agencies meet a particular standard and are ready to take consistent efforts to identify and mitigate threats. The playbook will even serve as a pattern for the business sector’s response efforts.
Improve Detection of Cybersecurity Incidents on the Federal Government Network
The Executive Order increases the ability of federal networks to identify harmful cyber activities. It allows for the creation of a government-wide endpoint detection and response system as well as increased information exchange throughout the federal government.
An organization’s vulnerability to adversaries is increased by the slow and inconsistent implementation of core cybersecurity technologies and processes. In terms of cybersecurity, the federal government should take the lead. Endpoint Detection and Response (EDR) implementation across the government, as well as efficient intra-governmental information exchange, are vital.
Improve Investigative and Remediation Capabilities
For federal departments and agencies, the Executive Order establishes cybersecurity event log obligations. Poor logging makes it difficult for an organization to detect intrusions, manage those already underway, and establish the scope of an incident once it has occurred. Logging procedures that are both strong and consistent will fix a lot of this difficulty.
Conclusion
Cybersecurity attacks have increased in number such that the federal government has decided to intervene. The Executive Order on cybersecurity is intended to remove barriers to threat information sharing between the government and the private sector, improve detection of cybersecurity incidents on the federal government network, modernize and implement stronger cybersecurity standards in the federal government, and also establish a cybersecurity safety review board.
Veltec Networks is a reliable IT service provider that can help you secure your customer records, accounting data, computer network, and emails from cybercriminals. With them, you can achieve any desired level of IT security peace of mind. Please schedule a one-on-one meeting with the team from Veltec to review your complete IT outsourcing needs.