President Biden’s Executive Order on “Improving the Nation’s Cybersecurity”
On May 12, 2021, President Joe Biden signed Executive Order 14028, “Improving the Nation’s Cybersecurity”. The recent cyberattacks, such as the one that almost crippled the Colonial Pipeline, have grabbed the nation’s attention for a greater need to increase measures on cybersecurity defenses. As technology becomes more complex with many advancements, cybercriminals become more advanced with malicious cyber activity that puts both the public and private sectors in vulnerable positions. This article briefly summarizes each section of the Executive Order.
Section 1: Policy
This Executive Order lays out specific instructions, with deadlines, that will strengthen the Federal Governments efforts in identifying, deterring, protecting against, detecting, and responding to actions and actors that pose huge threats on the public sector’s, private sector’s, and ultimately the American people’s security and privacy. The numerous cybersecurity requirements for federal agencies and government contractors call for the Federal Government to “bear the full scope of its authorities and resources to protect and secure its computer systems… The scope of protection and security must include systems that process data (information Technology (IT)) and those that run the vital machinery that ensures our safety (operation technology (OT)).” With respect to national and economic security, President Biden and his Administration stress that the Federal Government must lead by example by meeting or exceeding standards and requirements for cybersecurity.
Section 2: Removing Barriers to Sharing Threat Information
The Federal Government will work with IT and OT service providers to examine the daily functions of the Federal Information Systems and to monitor networks for threats and incidents. Service providers share and report data and information relating to cyber incidents. The current contract restricts sharing information about threats or incidents. This section removes restrictions to increase the sharing of breach information with the government to be more effective in the defense of the Federal department’s systems and the Nation’s cybersecurity.
Section 3: Modernizing Federal Government Cybersecurity
The Federal Government must take steps to modernize its approach on cybersecurity while protecting privacy and civil liberties. This section describes instruction to incorporate the use of cloud technology services, to develop and implement a Zero Trust Architecture, and to deploy multifactor authentication and encryption.
Section 4: Enhancing Software Supply Chain Security
This section emphasizes the importance of critical and commercial software and the need to improve on the security and integrity of the software. This requires different agencies and sectors to provide input on existing measures and to develop new standards and tools to comply with procedures and criteria. This will create guidelines on how to determine if the software was developed securely and guidelines on the development of software and how to build security into it.
Section 5: Establishing a Cyber Safety Review Board
Homeland Security and the Attorney General will establish the Cyber Safety Review Board which will improve on cybersecurity and incident response practices by reviewing and assessing cyber incidents. The board will comprise members of the government, the private sector, the Department of Defense, the Department of Justice, the FBI, Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and more.
Section 6: Standardizing the Federal Government’s Playbook for Responding to Cybersecurity Vulnerabilities and Incidents
There are many different procedures spread out among multiple agencies to identify, remediate, and recover from vulnerabilities and incidents. This standardized response process will develop operating procedures to help centralize cataloging incidents and tracking progress. This playbook will incorporate all standards of the National Institute of Standards and Technology (NIST) and will provide key terms to “ensure a common understanding of cyber incidents and cybersecurity status of an agency.” This playbook will also provide agencies with plans for responding to threats and attacks.
Section 7: Improving Detection of Cybersecurity Vulnerabilities and Incidents on Federal Government Networks
This section of the Executive Order aims to improve the government’s ability to detect malicious cyber activity on federal networks. By creating an Endpoint Detection and Response (EDR) system, the Federal government plans to lead by example with early detection and cybersecurity practices, while decreasing exposure to adversaries.
Section 8: Improving the Federal Government’s Investigative and Remediation Capabilities
In an attempt to investigate and remediate cyber incidents, this section asserts the importance of logging information and retaining relevant data collected by agencies and IT service providers from within systems and networks. This creates log requirements for federal departments and agencies to better solve the problems of threats and incidents.
Section 9: National Security Systems
Finally, the Secretary of Defense will adopt National Security Systems requirements through the National Manager which will issue a National Security Memorandum on programs, standards and requirements in relation to cybersecurity requirements set forth in this Executive Order.