In an effort to modernize the country’s defenses against cyber-attacks and give law enforcement timely access to the information it needs to conduct investigations, President Biden signed an executive order on Wednesday.
The executive order addresses the numerous cyber-attacks that have targeted the US this year, including the SolarWinds supply chain attacks in December and the more recent DarkSide ransomware attack against the largest US fuel pipeline, Colonial Pipeline.
The long, 34-page executive order to improve the Nation’s Cyber-Security creates a standardized incident response playbook and narrows the communication gap between service providers and law enforcement.
Under the executive order, the government will take the following actions:
- Require IT and OT service providers to share information about the cyber-security threats and breaches they are aware of, and resolve contractual issues related to sharing such information.
- Modernize IT services. This includes moving toward Zero Trust Architecture, multi-factor authentication, and encryption of data at rest and in transit, and developing strict security guidelines for using cloud services.
- Improve supply chain security by developing tools and guidelines to audit it, and ensure that critical software is not tampered with by malicious actors in supply-chain attacks. As part of this initiative, the federal government will create an Energy Star-type program to show that software was developed securely.
- Establish a Cyber Safety Review Board consisting of members from both the federal government and the private sector. The board will convene after a significant cyber incident to assess the attack, provide recommendations, and share confidential information with law enforcement.
- Create a playbook for all government agencies for responding to breaches and cyber-attacks.
- Improve detection of cyber-security vulnerabilities and breaches on government networks using a centralized Endpoint Detection and Response solution and intra-governmental information sharing.
The order will be carried out in rolling phases ranging from 30 to 360 days. Amit Yoran, CEO of Tenable and founding director of US-CERT, said in a shared statement:
“This is one of the most detailed and deadline-driven EOs I’ve seen from any administration. In the wake of a seismic attack, like SolarWinds, this is incredibly encouraging to see.”
The White House has also released a summarized version of the executive order, which provides a good overview of the upcoming changes.