Biden Executive Order Mandates Zero Trust and Strong Encryption

Biden Executive Order Mandates Zero Trust and Strong Encryption

President Biden has issued a long-awaited executive order (EO) designed to improve supply chain security, incident detection and response and overall resilience to threats.



Although every President in recent years has issued an order to improve the nation’s cybersecurity, experts believe this one is more detailed and has a better chance of success than previous efforts. It also comes amidst unprecedented attacks on US government and critical infrastructure, in the form of the SolarWinds, Exchange Server and Colonial Pipeline attacks, to name just a few.



Among the key measures is a requirement for all federal government software suppliers to meet strict rules on cybersecurity or risk being blacklisted. Eventually, the plan is to create an “energy star” label so both government and public buyers can quickly and easily see whether software was developed securely.



Other measures include an “aircrash investigation-style” Cybersecurity Safety Review Board, which will make recommendations for improvements after any major incident, and a standardized playbook for government incident response.



The EO will also mandate a drive to secure cloud services and zero trust, including multi-factor authentication and data encryption at rest and in transit, by default.



There are also provisions for government-wide endpoint detection and response (EDR), improved information sharing within government and between public and private sectors, and event logging requirements for federal government departments to enhance investigation and remediation.



The executive order has been welcomed by security ..

Support the originator by clicking the read the rest link below.