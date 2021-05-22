



On May 12, 2021, President Biden issued an executive order aimed at strengthening U.S. cybersecurity defenses. The order comes after the ransomware attack on Colonial Pipeline and numerous other cybersecurity attacks against the US government and private companies in recent years. The ordinance proposes a wide range of changes to strengthen the federal government’s ability to respond to and prevent cybersecurity attacks. The main sections of the command are highlighted below: Remove barriers to sharing threat information – IT and OT service providers that contract with the federal government will be required to share data and information related to cybersecurity breaches that could impact US networks. The order requires a review and updates to Federal Acquisitions Regulations (FAR) and agency-specific cybersecurity requirements to achieve this goal. Modernizing the Federal Government’s Cyber ​​Security – Agencies will have to modernize their approach to cybersecurity. The ordinance imposes requirements to achieve this modernization goal, including: (a) requiring all agencies to develop a plan to implement the Zero Trust architecture (an approach to network security that puts ’emphasis on user authentication and limiting access based on need-to-know), (b) require agencies and the OMB director to develop a federal cloud security strategy, and (c) require agencies to adopt multi-factor authentication and encryption for data at rest and in transit (to the extent possible under applicable laws). Improving the security of the software supply chain – After receiving feedback from the federal government, the private sector, academia and others, the director of the National Institute of Standards and Technology (NIST) will develop guidelines to improve the security of commercial software. Once these guidelines are in place, agencies will only be allowed to purchase software that complies with the guidelines. Software vendors will be required to “self-certify” that guidelines have been met and vendors who fail to comply will be removed from federal procurement lists. Creation of a cybersecurity review committee – A Cyber ​​Safety Review Board will be created by the Secretary of Homeland Security to assess major cyber incidents affecting the systems of federal civil agencies and non-federal systems. The board will be made up of officials from the private and public sectors and will meet after “significant cyber incidents” to analyze and make recommendations on how to respond to such cyber attacks. Standardization of the Federal Government’s Handbook for Responding to Cyber ​​Security Vulnerabilities and Incidents – The Secretary of Homeland Security will develop a standard set of operating procedures (or “playbook”) to be used in planning and conducting the response to cyber incidents. Improved detection of vulnerabilities and cybersecurity incidents on federal government networks – All federal civilian agencies will be required to deploy an Endpoint Detection and Response (EDR) initiative. EDR is an integrated endpoint security solution that combines real-time continuous monitoring and endpoint data collection with automated policy-based response and analysis capabilities. EDR’s goal is to proactively and quickly identify and respond to cybersecurity threats. Improved Federal Government Investigation and Remediation Capacities – The Homeland Security Secretary will provide the Director of OMB with recommendations on the requirements for recording events and keeping other relevant data in an agency’s systems and networks. National security systems – The Ministry of Defense will be required to adopt at least equivalent requirements for “national security systems” insofar as the ordinance is not otherwise applicable to these systems. To display the executive command, click here.

