US President Joe Biden has issued an executive order (EO) seeking to strengthen federal cybersecurity amid growing concerns about threats to national security from attacks like the one on Colonial Pipeline last week, which triggered a massive gas shortage across the southeast in recent days.
The EO spells out a series of measures for federal agencies aimed at, among other things, bolstering threat information sharing between the government and private sector, ensuring better software security, and standardizing federal incident response capabilities. The order only applies to federal agencies and federal contractors but, like many federal actions, could end up having a broader ripple effect on private industry as well.
Biden pointed to "persistent and increasingly sophisticated malicious cyber campaigns" as the immediate driver for the executive action. Such campaigns pose a risk to both the public and the private sector and ultimately threaten the security and privacy of the American people, he said in issuing the presidential directive.
"Incremental improvements will not give us the security we need," Biden said. "Instead, the federal government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life."
The most noteworthy aspects of the EO, according to industry experts, are its requirements for baseline security standards for software sold to the federal government, the removal of barriers to threat information sharing, and the creation of a standard federal playbook for responding to cyber incidents.
On the software front, the directive requires developers to ensure their products meet certain minimum security standards to qualify for federal government procurement. Likely because of the concerns spawned by the SolarWinds attack, the EO makes ..