Enactment of President Biden's Order Concerning Cybersecurity Measures

In a significant move to bolster the nation's cybersecurity defenses, President Biden signed an Executive Order on May 12, 2021. This order, aimed at modernizing the approach to cybersecurity, applies immediately to federal agencies and contractors.

The order recognizes that state and local governments face similar cybersecurity risks as the federal government. To address this, it provides guidance for these entities to modernize their cybersecurity approach. In March 2021, the American Rescue Plan Act was signed into law, allocating nearly $2 billion in cyber and tech funds for state and local governments. Federal agencies such as the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Homeland Security (DHS), and other related entities have received financial resources for cybersecurity improvement and IT infrastructure modernization.

The Executive Order promotes the use of zero-trust architecture, cloud technology, and multifactor authentication. Zero-trust architecture, a security concept centred on the belief that organisations should not automatically trust anything inside or outside its perimeters, is being migrated to by agencies to eliminate implicit trust in their information systems. Advanced identity and access management principles such as risk-based authentication, privileged access monitoring and auditing, and enforcement of just-in-time access and the principle of least privilege are being applied in the zero-trust architecture.

To enhance software supply chain security, the order establishes baseline security requirements for software sold to the government. Software vendors are required to comply with updated National Institute of Standards and Technology guidelines. The order also aims to incentivize the market to adopt secure software development practices by leveraging the federal government's purchasing power.

Agencies are planning for and responding to security incidents by conducting business impact analysis and disaster recovery planning. Prioritization of remediation investment is being done for security incidents, and security risks are being assessed, priorities are being set for defects, recommendations for remediation are being provided, and mitigation strategies and risk acceptance processes are being defined.

Incident response strategy and plans are being developed, incident response readiness is being tested through table-top exercises, training is being provided, and incidents are being detected and contained. The order includes measures for eliminating contractual barriers, implementing endpoint detection and response initiatives, standardising incident reporting, and devising policies for network and system logs.

The order also requires the use of tools for early detection of cybersecurity vulnerabilities and incidents. Security assessments and vulnerability testing are being conducted to identify security deficiencies in high-value information and business technology assets. The order's focus on adopting modernized practices is intended to strengthen the security posture of the nation.

The Executive Order marks a significant step towards securing the nation's digital infrastructure, with the aim of enhancing the resilience of government operations against cyber threats. The funds allocated through the American Rescue Plan Act will support upgrades in technology across government operations, bolstering defenses against cyber threats and ensuring the security of the nation's digital assets.