President Biden has signed an executive order to increase the US’s defenses against cyber attacks and provide better lines of communication between law enforcement and service providers to enhance investigations.
The order follows several cyber attacks on the US government and American firms, including the SolarWinds supply chain attack and the recent ransomware attacks on the Colonial pipeline.
According to the Executive Order on Improving the Nation's Cybersecurity, incremental improvements would not give the country the security it needs, and this means the government would need to make “bold changes and significant investments in order to defend the vital institutions that underpin the American way of life.”
The order will require IT (information technology) and OT (operational technology) service providers to share cyber security threat information with the government. It will also implement more robust cybersecurity standards in the federal government.
Federal agencies will also have to implement multifactor authentication to their systems and encrypt all data in the next 180 days and deploy a zero-trust security architecture.
Supply chain security is to be upgraded by establishing guidelines and best practices to audit software in the supply chain to ensure it hasn’t been tampered with by hackers. A pilot for a new Energy Star-style security rating for software sold to the government will also be launched.
The order also creates a cyber security safety review board to review and assess significant cyber security incidents and make recommendations to the government.
It will also establish a standardized playbook across all federal agencies on how to respond to breaches and cyber attacks.
The final order will help improve detection and remediation of cyber security vulnerabilities and incidents on government networks by deploying an Endpoint Detection and Response (EDR) solutions.
“Protecting our Nation from malicious cyber actors requires the Federal Government to partner with the private sector. The private sector must adapt to the continuously changing threat environment, ensure its products are built and operate securely, and partner with the Federal Government to foster a more secure cyberspace,” the order read.
Ilia Kolochenko, CEO and founder at ImmuniWeb, told ITPro that while this is a laudable initiative, it will be hard to implement in such a short time.
“Many entities of the federal government still fall short of FISMA, enacted in 2014 and aimed to bolster cyber resilience of the US government. The current situation with the recently enacted Cybersecurity Maturity Model Certification (CMMC) - requisite to do business with the US DoD - is similarly complicated. Finally, the Cybersecurity Safety Review Board may face traditional challenges of interagency collaboration,” he said.
“From a practical viewpoint, merely adding a zero-trust model will unlikely solve the fundamental problems, such as lack of visibility or incomplete IT assets inventory, inconsistent security strategy or insufficient training and awareness for employees. Nonetheless, this Executive Order convincingly demonstrates that Joe Biden’s administration cares about cybersecurity and takes it seriously. Hopefully, the upcoming regulations will be also underpinned by additional budget allocations and other resources required to build a resilient information security program at the federal level.”
