The document, which has been in the works for months, is expected to be signed Friday or early next week, according to people familiar with the matter. It builds on cyber lessons learned throughout the Biden administration following the signing of a flagship executive order in 2021 that was fueled by the well-storied Colonial Pipeline and SolarWinds hacks.
Since then, the government has faced myriad hacking incidents from nation-state operatives. A recent Chinese hack into the Treasury Department’s systems was likely carried out by a Beijing-backed hacking unit dubbed Silk Typhoon, according to a person familiar with the matter. Bloomberg News first reported the presumed identity of the hackers Wednesday night.
“We’ve learned a lot of lessons over the last four years from … seeing compromises by countries like China,” Deputy National Security Advisor for Cybersecurity and Emerging Technology Anne Neuberger told reporters this week, describing the forthcoming executive action. “We’ve learned what’s worked, and we’ve learned what the gaps are, and our goal was really putting the next administration on the best possible foundation to build on that for success.”
As written, the draft order directs agencies and their industry clients to think harder about where they get their software and how their softwares’ security is vetted. The Federal Acquisition Regulatory Council, for instance, would be aske ..
Support the originator by clicking the read the rest link below.