June 23, 2021

President Signs Executive Order on Improving the Nation’s Cybersecurity: Where do we go from here?

The White House in Washington DC

President Biden’s intent behind signing this Executive Order is a step towards modernizing cybersecurity defenses by safeguarding federal networks and enhancing information exchange between the U.S. government and the private sector on cyber affairs. Today, cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline are highlighting the lack of cybersecurity defense leaving the public and private sector entities vulnerable to attacks.

What’s Improving with this Executive Order in Place?

Some of the key objectives of the Executive Order include:

  • Removing barriers from information sharing between the government and the private sector.
  • Modernizing and implementing stronger cybersecurity standards in the federal government.
  • Establishing baseline security standards for the creation of software sold to the government in order to improve software supply chain security.
  • Establishing a standard playbook and set of definitions for responding to cyber incidents.
  • Improving detection of cybersecurity incidents on the federal government’s networks by enabling a government-wide endpoint detection and response system.
  • Improving investigative and remediation capabilities through the creation of cybersecurity event log requirements.

Additional Recommendations

Although the signing of this Executive Order is a step towards modernizing cybersecurity defenses, federal action alone is not enough. A large amount of the domestic infrastructure is owned and operated by the private sector, meaning that they also make their own decisions about cybersecurity investments. Therefore, it is highly recommended for private sectors to follow the Federal government lead and take measures towards improving cybersecurity standards with the aim of decreasing future attacks. To fully protect the nation from these malicious attacks, the Federal Government must partner with the private sector.

Going forward, public and private stakeholders need to be proactive participants, rather than passive bystanders when it comes to the security of information. Preparation for when there will be a breach or attack is far more realistic than if there will be a breach or attack, with the focus on being forward-looking, prepared, and as secure as possible.

Additional Resources

Here are resources that provide more detail on the Executive Order:

We Can help

If you have questions about cybersecurity defense tools, Tevora’s team of cybersecurity specialists can help. Just give us a call at (833) 292-1609 or email us at sales@tevora.com.

About the Author

Julia Beakas is a Developing Consultant under the Federal Risk team at Tevora. She supports client and project research activities, preforms evidence reviews in support of various compliance frameworks, and assists with third-party vendor assessments.  Julia is currently a senior attending the University of Dayton where she is pursuing her bachelor’s in finance and management information systems.

 

Discover in-depth compliance resources and featured events