In remarks at the White House Thursday afternoon, President Joe Biden said, “private entities are in charge of their own cybersecurity...and we know what they need. They need greater private-sector investment in cybersecurity.”
Responding to a reporter’s question during a briefing about the Colonial Pipeline cyber attack, Biden said, “The bottom line is that I cannot dictate that the private companies do certain things relative to cybersecurity....But I think it’s becoming clear to everyone that we have to do more than is being done now, and the federal government can be significant value added in having that happen.”
The executive order Biden signed Wednesday night to help protect the federal government against cyber attacks will have a ripple effect that can help business leaders guard against similar threats.
New Pilot Program
According to the White House, the executive order will establish a pilot program to create an “energy star” type of label so the government—and the public at large—can quickly determine whether software was developed securely. “Too much of our software, including critical software, is shipped with significant vulnerabilities that our adversaries exploit.”
A fact sheet issued by the White House said, “This is a long-standing, well-known problem, but for too long we have kicked the can down the road. We need to use the purchasing power of the Federal Government to drive the market to build security into all software from the ground up.”
Establishing Baseline Security Standards
“The Executive Order will improve the security of software by establishing baseline security standards for development of software sold to the government, including requiring developers to maintain greater visibility into their software and making security data publicly available,” the White House said.
It is consistent with a current process where the public and private sectors work together, “... to develop new and innovative approaches to secure software development and uses the power of Federal procurement to incentivize the market,” according to the fact sheet.
Where Government Is Ahead Of Private Sector
Mike Engle is the chief security officer at 1Kosmos, which provides digital identity protection services. He said the executive order, “... focuses heavily on zero-trust, meaning organizations cannot trust anything or anyone trying to gain access to their systems that they cannot verify [and that] they have zero trust themselves.
“This closes the biggest exposure of all—a password-based attack. According to the 2021 Verizon Data Breach Investigation Report, 61% of data breaches are caused by identity and credential compromises. This is one area where the government is ahead of the private sector, and this could be a catalyst for change in all industries. Once the government implements these changes, the private sector will inevitably follow as it protects them as well as their customers.”
Sharing Cyber Attack Information
In a background briefing for reporters Wednesday night, a senior administration official said, “companies need to share information about [their cyber attacks]. We're really focused on information [that can be used to] help other entities defend themselves.
“We're really creating a common threshold across the federal government to say, ‘Let's make sure that info is shared so all can defend themselves and all can get out information to private sector stakeholders and others to enable them to defend themselves as well.’”
The official said the Cybersecurity and Infrastructure Security Agency “... will be leading an effort to really solidify those details and define the thresholds of what needs to be shared for specific incidents, but it needs to be shared within specific timelines on a sliding scale based on the severity of the incident.”
Executives React To Presidential Directive
Business leaders responded favorably to Biden’s executive order.
Becoming More Cyber Resilient
Kelly Bissell, senior managing director of Accenture Security, said, “We applaud President Biden for issuing the most significant cybersecurity policy directive we have seen.
“Today, with this EO, we begin on a new path—one where governments and businesses can make faster, more informed decisions around the emerging threats, become more consistent, buy more secure products—and be more cyber resilient. Tomorrow the hard work begins. We are committed to bring our thousands of critical infrastructure clients together to shape the details to ensure that the vision for a more secure America becomes a reality,” he said.
Importance Of Working Together
Jason Oxman, president and CEO of the Information Technology Industry Council, said, “The ongoing threat of significant cyber intrusions underscores the importance of government and industry working together. We appreciate the focus on public-private collaboration in this Executive Order and its meaningful steps to modernize and streamline federal information systems, networks, and supply chains.
“We look forward to working with the Biden-Harris Administration to ensure that federal agencies and contractors have the proper resources and support to ensure that U.S. cybersecurity objectives are advanced while minimizing any potential impacts on privacy, civil liberties, and U.S. competitiveness.”
Much-Needed Roadmap
Kiersten Todt, managing director of the Cyber Readiness Institute, observed that, “The Executive Order is a prescriptive and much-needed roadmap for addressing the most pressing cybersecurity challenges our nation is confronting. I am encouraged by how the federal government will lead by example in ensuring baseline cybersecurity standards across agencies, as well as by how the Administration is tying its engagement with the private sector to the quality of security it expects from industry.”
May 13, 2021 at 06:44PM
How Biden’s Executive Order Will Help Companies Guard Against Cyber Threats - Forbes