On Wednesday, May 12th, President Joe Biden signed an executive order outlining plans to strengthen U.S. cybersecurity defenses, including improving supply chain security and implementing specific technologies like zero-trust networks and multifactor authentication (MFA). This order comes after a devastating ransomware attack on the Colonial Pipeline, which revealed vulnerabilities across all business and government cybersecurity.
The new executive order reflects lessons learned and actions needed to improve both the federal government's defenses and those of private sector entities. The most recent ransomware attack on Colonial Pipeline, one of the largest pipelines in the US, is linked to the Russia-based cybercriminal group DarkSide. DarkSide is a ransomware-as-a-service platform that vetted cybercriminals can use to infect companies with ransomware and carry out negotiations and payments with victims. This attack, paired with the SolarWinds supply chain attacks, revealed that insufficient cybersecurity defenses are leaving public and private sector entities vulnerable to attacks.
“Incremental improvements will not give us the security we need; instead, the Federal Government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life,” Biden said in the executive order.
The White House’s new executive order encourages the federal government to migrate to more secure cloud systems and establishes a “Cybersecurity Safety Review Board” with members from both the public and private sectors. The executive order is set to strengthen the country’s overall cyber posture.
The executive order, among other things, includes steps to help:
- Modernize Federal Government Cybersecurity alongside DFARS and CMMC.
- Standardize the Federal Government’s Playbook for Responding to Cybersecurity Vulnerabilities and Incidents.
- Improve Detection and Response of Cybersecurity Vulnerabilities and Incidents on Federal Government Networks.
- Remove barriers to the sharing of threat information.
The executive order mandates specific technologies like zero-trust networks and endpoint detection and response (EDR) within 60 days. The order also mandates deployment of MFA and encryption for data at rest and in transit within 180 days, as well as accelerating movement to secure cloud services.
The new, broad executive order is a good first step, but it will not stop the constant barrage of cybersecurity attacks that the US government will continue to face. Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency (CISA), put it best when he said, “It won’t be easy, smooth or cheap, but the cost of not doing so is simply too high.” Learn more about our award-winning cybersecurity services and how we help organizations implement best practices and cybersecurity frameworks.