Biden Administration Signs Comprehensive Cybersecurity Executive Order

• The Biden Administration has signed an executive order to push for the adoption of stronger cybersecurity measures.
• The order calls for more transparency, central response, openness in the disclosure of key information, and MFA everywhere.
• These are measures that should have been implemented a long time ago, but it’s better late than never.

In the wake of the ransomware attack on the Colonial Pipeline that has threatened to create a fuel (and by extension economic) crisis in the United States, the Biden administration has signed an executive order to strengthen the cybersecurity posture of the nation’s most critical agencies and networks.

Previously, Biden took a more incremental approach. However, the recent ransomware attack made it clear that things need to move faster and more decisively if the United States wishes to protect against hackers, be it state actors or financially motivated gangs.

The Colonial Pipeline incident is a sobering reminder that our nation faces sophisticated cyber threats.

Today, President Biden signed an executive order to chart a new course to improve the nation's cybersecurity and protect federal government networks. https://t.co/j9wyCKdwj0 pic.twitter.com/bJxVYf2D72

— The White House (@WhiteHouse) May 13, 2021

Here are the main points of the newly signed executive order:

• Remove Barriers to Threat Information Sharing Between Government and the Private Sector.
• Modernize and Implement Stronger Cybersecurity Standards in the Federal Government.
• Improve Software Supply Chain Security.
• Establish a Cybersecurity Safety Review Board.
• Create a Standard Playbook for Responding to Cyber Incidents.
• Improve Detection of Cybersecurity Incidents on Federal Government Networks.
• Improve Investigative and Remediation Capabilities.

These are all things that have been under discussion for years and elements that the infosec community has been highlighted again and again. The order hasn’t been hastily put together, though. It was actually in preparation for weeks now, and it just happened that it coincided with the DarkSide ransomware incident - and maybe it was a bit sped up in its pushing.

So, all in all, the information-sharing barriers between key entities in the country will be lifted, and endpoint detection and response mechanisms will now be controlled centrally. Moreover, the vendors of software used by government entities will be more open to sharing key information with the public, instead of keeping everything secret on the excuse of protecting patents and technological advantages.

All federal government networks and users will now use MFA to access cloud services, and all sensitive data will be stored encrypted. And finally, promoting good practices and developing recommendations to defend against a dynamically changing threat landscape will be the job of a safety review board consisting of experts in the field.