Immediately following a devastating cybersecurity attack on Colonial Pipeline, an executive order on cybersecurity has been signed by President Biden.
Other recent major cybersecurity events, such as the Microsoft Exchange server vulnerabilities that may have affected north of 60,000 organizations, and the SolarWinds hack that compromised nine federal agencies late last year, were specifically mentioned in the order. These attacks prove that the nation’s public and private sectors continue to face increasingly sophisticated malicious cyber activity from both nation-states and cybercriminals. Addressing the common attack factors will strengthen the entire cybersecurity landscape.
The executive order aims to change how companies manage and report cybersecurity incidents, give consumers better techniques to evaluate the security of products and services, and create a standard playbook for federal responses to breaches and attacks.
According to the White House supplied fact sheet, the order removes contractual obligations that can cause IT providers hesitant to share information about network breaches with the government.
The order may compel businesses to change how they communicate to the government and the public about their cybersecurity postures and may limit or eliminate payments of ransom demands. It also encourages private sector companies to take ambitious measures to augment and align cybersecurity investments to minimize future incidents.
A new incident review board has been created, modeled after the National Transportation Safety Board, which will have a private sector co-chair to quickly review major cyber incidents and make recommendations on actions regarding them. The administration is also directing the National Institute for Standards and Technology to begin developing a labeling system for Internet-of-Things devices to help consumers make smarter buying decisions, similar to a system already in place in Singapore. Ideally, this will help consumers make better buying choices when evaluating between products.
Increased transparency and communication are key to halting the spread of malicious activities that are growing in both frequency and devastation.