In response to an increasing number of devastating cybersecurity incidents, the Biden Administration has recently issued an executive order to provide relevant guidance and support to the federal government, corporate sector, and a concerned public. IT security experts have praised this order’s many positive aspects, but they note that there are some additional issues that need to be addressed to meet the urgency of the situation.
In this article, we will summarize the main points of the executive order and discuss IT security expert recommendations for future cybersecurity actions.
Overview Of Biden Administration Executive Order
The main points of the Biden Administration executive order on cybersecurity are outlined below. The order recommends that all federal information systems should meet or exceed compliance standards related to the following actions:
- Modernizing federal government cybersecurity
- Enhancing software supply chain security
- Removing barriers to sharing threat information
- Standardizing the federal government’s playbook for responding to cybersecurity vulnerabilities and incidents
- Improving detection of cybersecurity vulnerabilities and incidents on federal government networks
- Improving the federal government’s investigative and remediation capabilities
- Establishing a cyber safety review board
The executive order also discusses how to better provide cybersecurity for the federal government by requiring government suppliers of software and technology products to improve their IT security. Some suggestions include tighter restrictions on how technology is developed, ensuring comprehensive and effective testing, and bolstering efforts to determine to what extent devices are secured. By securing the software and technology supply chain and detecting and removing bugs early in the process, it will be less likely that a bad actor will be able to penetrate government networks in the future.
In addition, the executive order underlines the importance of multi-factor authentication (MFA), endpoint detection, and good cyber hygiene. The executive order also recommends the establishment of a cybersecurity safety review board to investigate incidents and share valuable lessons learned from significant cybercriminal events.
The executive order notes that similar enhanced IT security recommendations should apply to government contractors and vendors as well as private businesses.
The Biden Administration took the further step of releasing a complementary memo on cybersecurity to business leaders urging them to take the initiative in addressing this emergency situation, which has shaken the public’s confidence in the security of critical infrastructure.
This complementary memo urges businesses and organizations of all sizes to convene leadership teams to confront the increasingly dangerous challenges of cybersecurity. These teams would have the responsibility of formulating strategies and specific policies that will evaluate and address:
- Ransomware threats
- Network vulnerabilities
- Organizational IT security posture issues
- Incident response plans
- Business continuity plans and backups
One critical element in the recommendations is the requirement that vendors involved in the government procurement process furnish a “software bill of materials” or SBOM for all software products. An SBOM provides a complete listing of the exact software components utilized in each product, including any open-source components. With this technical information easily accessible, federal agencies would be able to quickly analyze and assess whether they would be at risk from using any new products. In addition, this information would also help federal security specialists in responding to any cybersecurity incidents with greater speed and effectiveness.
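As an added illustration of how an agency could use an SBOM in practice (this is example code written for this article, not part of the executive order or any vendor's tooling), the block below parses a small constructed CycloneDX-style SBOM and cross-references each component against a constructed local advisory feed; the component names, versions and advisory ids are placeholders.

```python
"""Illustrative SBOM exposure check (added example, not from the article).

Assumes a CycloneDX-style JSON SBOM with a "components" list of
{"name", "version"} entries and a constructed, local vulnerability feed
that records the first fixed version of each affected component.
"""
import json
from typing import Dict, List, Tuple

# Constructed sample SBOM; component names and versions are illustrative only.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.4",
    "components": [
        {"name": "example-webapp", "version": "2.3.0"},
        {"name": "log-formatter", "version": "1.1.0"},   # open-source dependency, below the fix
        {"name": "tls-lib", "version": "3.0.7"},         # already at the fixed version
    ],
})

# Constructed feed: component name -> advisories with a placeholder id and first fixed version.
VULN_FEED: Dict[str, List[Dict[str, str]]] = {
    "log-formatter": [{"id": "VULN-PLACEHOLDER-1", "fixed_in": "1.2.0"}],
    "tls-lib": [{"id": "VULN-PLACEHOLDER-2", "fixed_in": "3.0.7"}],
}

def version_tuple(version: str) -> Tuple[int, ...]:
    """Turn '1.10.2' into (1, 10, 2) so versions compare numerically, not lexically."""
    return tuple(int(part) for part in version.split("."))

def parse_components(sbom_json: str) -> List[Dict[str, str]]:
    """Return the SBOM component entries that carry both a name and a version."""
    doc = json.loads(sbom_json)
    return [c for c in doc.get("components", []) if "name" in c and "version" in c]

def find_exposed(components: List[Dict[str, str]], feed: Dict[str, List[Dict[str, str]]]) -> List[Dict[str, str]]:
    """List every component whose version is older than an advisory's first fixed version."""
    hits = []
    for comp in components:
        for advisory in feed.get(comp["name"], []):
            if version_tuple(comp["version"]) < version_tuple(advisory["fixed_in"]):
                hits.append({"component": comp["name"], "version": comp["version"], "id": advisory["id"]})
    return hits

def assess(sbom_json: str, feed: Dict[str, List[Dict[str, str]]] = VULN_FEED) -> List[Dict[str, str]]:
    """Parse the SBOM and report which of its components still need patching."""
    return find_exposed(parse_components(sbom_json), feed)

if __name__ == "__main__":
    for hit in assess(SAMPLE_SBOM):
        print(f"{hit['component']} {hit['version']} is affected by {hit['id']}")
```

The same lookup, run across every product's SBOM when a new advisory lands, is what lets an incident responder answer "where do we ship this component?" without waiting on the vendor.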
Expert Recommendations For Future Cybersecurity Actions
As welcome as this executive order is in the wake of high-profile incidents such as the ransomware attack on Colonial Pipeline and on a water treatment plant in Florida, security experts were quick to point out some areas that still need to be addressed.
One main recommendation that security experts emphasize is the importance of mandating software behavior transparency requirements. The purpose of a behavior transparency framework is to communicate the expected actions of interest that a specific piece of software will take on a device or on the network. This comprehensive framework helps security analysts distinguish between expected noise and any indications of compromise. This tool gives security teams an advantage in identifying the exploitation of unknown vulnerabilities in any proprietary or open-source software. As these frameworks are already standard industry practice for most major software vendors, it makes sense for the Biden Administration to make this methodology more readily available and to require its use in government business.
Security experts further recommend that a federal agency such as the Cybersecurity and Infrastructure Security Agency should establish and administer a clearinghouse for behavior transparency data. This clearinghouse should also include a mechanism for users to provide feedback to software vendors to help correct security deficiencies. A clearinghouse of useful information will enable more organizations to have easy access to the behavior transparency data of software companies and a forum where they can discuss these issues with other software users. With these valuable tools, organizations and security analysts will be able to identify and resolve cybersecurity vulnerabilities more easily.
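To make the behavior transparency idea from the two paragraphs above concrete, here is an added example (written for this article, not taken from any vendor's framework or the clearinghouse proposal): a constructed manifest of the network, file and child-process actions a hypothetical product is expected to take, and a check that flags observed events the manifest does not account for. Host names use the reserved .test domain and the address comes from a documentation range.

```python
"""Illustrative behaviour-transparency check (added example, not from the article).

Assumes a vendor-published manifest of a product's expected actions and a
list of observed events from a monitoring tool; both are constructed here.
"""
import fnmatch
from typing import Dict, List

# Constructed manifest describing what the hypothetical product is expected to do.
EXPECTED_BEHAVIOUR: Dict = {
    "product": "example-agent",
    "network": [  # destination host (glob pattern) and port the product should contact
        {"host": "updates.example-vendor.test", "port": 443},
        {"host": "*.telemetry.example-vendor.test", "port": 443},
    ],
    "files": ["/var/lib/example-agent/*", "/var/log/example-agent/*"],
    "child_processes": ["/usr/bin/example-updater"],
}

# Constructed observed events in the shape a host or network monitor might emit.
OBSERVED_EVENTS: List[Dict] = [
    {"type": "network", "host": "updates.example-vendor.test", "port": 443},
    {"type": "network", "host": "eu1.telemetry.example-vendor.test", "port": 443},
    {"type": "network", "host": "203.0.113.7", "port": 8443},          # not in the manifest
    {"type": "file", "path": "/var/lib/example-agent/state.db"},
    {"type": "file", "path": "/etc/passwd"},                            # not in the manifest
    {"type": "process", "path": "/usr/bin/example-updater"},
    {"type": "process", "path": "/bin/sh"},                             # not in the manifest
]

def is_expected(event: Dict, manifest: Dict) -> bool:
    """Return True when the manifest accounts for this event; unknown event types never match."""
    if event["type"] == "network":
        return any(fnmatch.fnmatch(event["host"], n["host"]) and event["port"] == n["port"]
                   for n in manifest["network"])
    if event["type"] == "file":
        return any(fnmatch.fnmatch(event["path"], pattern) for pattern in manifest["files"])
    if event["type"] == "process":
        return event["path"] in manifest["child_processes"]
    return False

def find_deviations(events: List[Dict], manifest: Dict) -> List[Dict]:
    """Events the manifest does not explain; these are the ones worth an analyst's attention."""
    return [event for event in events if not is_expected(event, manifest)]

if __name__ == "__main__":
    for event in find_deviations(OBSERVED_EVENTS, EXPECTED_BEHAVIOUR):
        print("unexpected:", event)
```

Everything the manifest explains is the "expected noise" the article mentions; the three flagged events are what an analyst would triage.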
Consult With A Trusted IT Partner
During this unprecedented time of increased cybercriminal activity, we encourage your organization to reach out to a trusted IT Support Partner, such as Network Depot, to better understand the recommendations and implications of the Biden Administration executive order on cybersecurity. With the help of a reliable IT partner, you can ensure that your company is optimally protecting itself against the significant threats addressed in this executive order.
A reliable IT partner will support your organization by assessing your organization’s current cybersecurity efforts and determining your strengths and weaknesses in this important area. Your IT partner will also offer your small business valuable advice and will implement any necessary solutions to help protect your organization against aggressive cybercriminals during this risky time. By following the recommendations in this executive order and working closely with your IT partner, your organization will be able to handle any cybersecurity challenges and maintain your focus on achieving your unique objectives.