The U.S. has been under cyberattack for over a year now. It started with the persistent SolarWinds attack, which was discovered in December 2020, and was followed by the Accellion and Microsoft Exchange Server hacks. However, the last straw in this series of sweeping attacks was the unfortunate DarkSide ransomware attack on the Colonial Pipeline. The compromise of the Colonial Pipeline’s systems crippled 5,500 miles of fuel supply lines and virtually dried up the fuel supply across the East Coast. This prompted a stronger response from the Biden administration, which seems to have come in the form of the latest Executive Order (EO) on cybersecurity signed by POTUS.
Biden’s Cybersecurity Initiatives
Joe Biden had already taken up the cybersecurity issue seriously when he took over the POTUS’ chair in Washington, D.C. On the recommendation of his intelligence unit and in collaboration with the Department of Energy (DOE) and CISA, Biden had recently revealed a 100-day plan to enhance electric grid security, as the power sector was already seeing a notable spike in cyberattacks. In response to this rising number, he decided that it was time for a change in the national cybersecurity protocols.
Biden’s Latest Executive Order for Improved Cybersecurity
Biden’s executive order is specifically aimed at improving the current state of the nation’s cybersecurity, whose loopholes threat actors have exploited in the recent past. It includes the following:
- IT service providers are now required to notify the government about cybersecurity breaches that could impact U.S. federal and public networks. The EO states that any contractual barriers that might stop providers from sharing threat intelligence can now be bypassed, as doing so is in the best interest of the nation.
- A standardized playbook and set of definitions that will help federal agencies respond promptly to future cyber incidents.
- A recommendation that the federal government move its operations to secure cloud services and other cyber infrastructure. In addition, multifactor authentication and encryption must be deployed for all data accessed, stored, and communicated.
- Software providers serving Federal Government agencies are now required to improve the security of the software sold to the government, which also includes its developers sharing certain security data publicly. The EO also recommends employing a zero-trust model and building security into all software modules from the ground up.
- A new “Cybersecurity Safety Review Board” comprising public- and private-sector officials will soon be formed. It can give expert advice, analyze the situation, and make recommendations after a cyberattack or breach incident.
- The EO creates cybersecurity event log requirements for federal departments and agencies. Robust and consistent logging practices solve latency issues in investigation and remediation.
- Robust intra-governmental information sharing will be established to provide government-wide Endpoint Detection and Response (EDR) deployment.
This executive order is a reminder of the troubles that the U.S. is facing on the cyber front, but more than that, it is a ray of hope that the Biden administration is addressing the elephant in the room. Could this be a turning point toward a better and cyber-safe tomorrow? Only time will tell.