As of May 12, 2021, President Biden has signed an Executive Order to strengthen cybersecurity defenses across the United States. With the recent Colonial Pipeline and SolarWinds breach, this is crucial to protecting critical infrastructure throughout the nation. This Executive Order includes:
- “Remove Barriers to Threat Information Sharing Between Government and the Private Sector.”
- “Modernize and Implement Stronger Cybersecurity Standards in the Federal Government.”
- “Improve Software Supply Chain Security.”
- “Establish a Cybersecurity Safety Review Board.”
- “Create a Standard Playbook for Responding to Cyber Incidents.”
- “Improve Detection of Cybersecurity Incidents on Federal Government Networks.”
- “Improve Investigative and Remediation Capabilities.”
Michael Brown, Rear Admiral, USN (Retired), an Eclypses Board Advisor, comments on this Executive Order, “Recent cyber events around the world, but in particular here in the United States, reminds us that cybersecurity is a strategic issue to both the public and private sectors. The Biden Executive Order on cybersecurity is a very comprehensive approach to some immediate actions that must be taken to secure the federal government, while also providing potential solutions to critical infrastructure and the private sector writ large. Its focus on software security within the supply chain is a much needed response to potential and real vulnerabilities in the software ecosystem.”
David Schoenberger, Eclypses CIO, comments, “I agree that these measures are critical. As the nation responds with countermeasures to these attacks, we also need to be proactive with new standards and measures. After reviewing section 3 particularly, our MTE technology is one step ahead of the game. Looking at the requirements within this Executive Order, the MTE technology solves many of these requirements today.”
Excerpt of section 3:
“Sec. 3. Modernizing Federal Government Cybersecurity
(a) To keep pace with today’s dynamic and increasingly sophisticated cyber threat environment, the Federal Government must take decisive steps to modernize its approach to cybersecurity, including by increasing the Federal Government’s visibility into threats, while protecting privacy and civil liberties. The Federal Government must adopt security best practices; advance toward Zero Trust Architecture; accelerate movement to secure cloud services, including Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS); centralize and streamline access to cybersecurity data to drive analytics for identifying and managing cybersecurity risks; and invest in both technology and personnel to match these modernization goals.”
In an MSNBC interview, Chris Krebs, Former Director of CISA was asked if he thinks the Biden Administration was on the right track regarding this Executive Order, he answered, “Absolutely. I think the team led by the deputy national security adviser, Anne Neuberger, has pulled together a really ambitious plan. If they lock it in, if they nail it, it`s going to make a dramatic difference in the security of our U.S. government systems.
To read the official White House release, click here.