On May 12, 2021, The US President issued an “Executive Order on Improving the Nation’s Cybersecurity.”
This announcement came soon after the Colonial Pipeline Cybersecurity Attack. The cyber-attack exposed weaknesses that exist in the federal cybersecurity infrastructure. Even after paying over 5 million dollars in ransom to recover the data, the pipeline’s temporary shutdown had immense effects on an entire region of the US. Although no cybersecurity solution can 100% protect a similar attack from occurring, improving the security posture of federal agencies can help prevent it.
The executive order requires US federal government agencies to improve their security posture to prevent attacks like this one in the future. Specifically, it calls for Federal Civilian Executive Branch (FCEB) agencies to “modernize” their cybersecurity.
The executive order outlines in multiple sections some key steps to improve the cybersecurity posture of US federal government agencies to prevent attacks like this one in the future.
Section 3: Modernizing Federal Government Cybersecurity
The executive order states, “The Federal Government must bring to bear the full scope of its authorities and resources to protect and secure its computer systems, whether they are cloud-based, on-premises, or hybrid.” Implementing solutions such as Cloud Access Security Broker (CASB) and Secure Access Service Edge (SASE) can help any organization extend its cybersecurity to the data in the cloud. These solutions are key as federal government agencies are now being asked to move closer to a Zero Trust Architecture.
It also requires FCEB agencies to adopt multi-factor authentication and encryption for data at rest and in transit. Products such as Plurilock DEFEND can be a critical solution for federal agencies as it works to continuously authenticate users as they are online.
Section 7: Improve the Detection of Cybersecurity Vulnerabilities and Incidents on Federal Government Networks
The executive order calls FCEB Agencies to deploy an Endpoint Detection and Response (EDR) initiative. They also highlight the need to “maximize the early detection of cybersecurity vulnerabilities and incidents on its networks.” Our experts can help engage your organization with solutions that meet the demands of these new requirements. By detecting penetration tests and vulnerability management, you can better remediate vulnerabilities before an attack occurs. Additionally, by implementing EDR solutions, an attack can be quickly detected so that a hacker can be stopped in their tracks.
This White House executive order highlights steps that federal government agencies will be required to take to strengthen their cybersecurity. As we go forward, we expect these requirements and best practices to extend to any and all organizations. Whether you are a part of a federal agency, a state agency, or a commercial organization, increased security is necessary as attacks are becoming more sophisticated and frequent.
See the full executive order here: