On May 13, 2021, President Biden signed a comprehensive Executive Order that seeks to appreciably strengthen cybersecurity protections for federal systems, enhance threat information sharing between the private sector, the government, and law enforcement, and present a cyber threat response playbook to speed up the response to incidents and their mitigation.
The 34-page Executive Order consists of short time spans for executing essential enhancements to cybersecurity, with all components of the Executive Order ought to be executed within the next 360 days and the initial elements required in 30 days. The Executive Order was written after a sequence of terrible cyberattacks that impacted government units and agencies, like the attacks on the SolarWinds Orion Supply chain and on Microsoft Exchange Servers. The latest DarkSide ransomware attack on Colonial Pipeline is one more reminder of the need to improve cybersecurity, not merely for the Federal government but likewise for the private industry which owns and manages the majority of the country’s critical infrastructure.
President Biden is preparing to lead by example and is encouraging the private market and critical infrastructure companies to follow the Federal government’s lead in increasing toughness to cyberattacks and planning for attacks to make sure that interruption to operational functionality is minimized.
The important components of the Executive Order on Enhancing the Nation’s Cybersecurity are:
- Getting rid of limitations to sharing threat details so it’s easy for private sector firms to report issues and data breaches that can likely impact Federal sites.
- Modernizing and using tougher cybersecurity criteria in the Federal government. This comprises widespread use of data encryption and multifactor authentication, the usage of a zero-trust architecture, and a quicker transition to secure cloud services.
- The making of a standard cyber incident response playbook. Government divisions and agencies must know, ahead of time, how to react to threats. The playbook can make certain a quick and uniform action to any cybersecurity occurrence.
- Enhancements to investigative and remediation capabilities. Detailed security event lists should be kept by federal units and agencies to make sure that cyberattacks could be quickly investigated and fixed. Breach investigations are hindered because of the absence of solid and steady logging.
- Enhancing software supply chain safety. All software programs acquired by the U.S. government should comply with new security requirements. Developers need to keep greater monitoring of their software solutions and make security information publicly accessible. The government will likewise start a pilot “energy star” label system to show whether the software was created securely.
- A Cybersecurity Safety Review Board will be organized that is made of government and private industry leads that will meet after any substantial security breach to evaluate what has occurred. The advice can then be decided and executed to make certain the same attacks are prevented later on.
- Enhancements to cyber incident detection abilities. A government-wide endpoint detection and response system is going to be used, together with strong intra-governmental data sharing.
The Biden Administration explained in a statement that this Executive Order substantially contributes to modernizing cybersecurity defenses by safeguarding federal networks, enhancing information-sharing among the U.S. government and the private market on cyber concerns, and building up the United States’ capability to respond to problems when they happen. It is one of the ambitious steps the Administration is doing to upgrade national cyber defenses.