Biden Signs Sweeping Executive Order on Cybersecurity
DougOlenick • May 12, 2021
President Joe Biden signed an extensive executive order Wednesday detailing the government's plan to increase cybersecurity protection across the public and private sectors, as well as to secure the nation's digital infrastructure against the type of attack that targeted SolarWinds and its customers.
The Executive Order on Improving the Nation’s Cybersecurity covers a myriad of topics, including improving the ability of the public and private sectors to share intelligence; modernizing the federal government's approach to cybersecurity; and enhancing supply chain security.
The executive order, which had been expected for weeks, is part of the Biden Administration's response to a series of cybersecurity incidents that have happened over the last several months, including th
FISMA, or the Federal Information Security Management Act, is a U.S. federal law passed in 2002 that seeks to establish guidelines and cybersecurity standards for government tech infrastructure, and in so doing protect government information and operations. The law was modified in 2014 to put more emphasis on continual monitoring with the passage of the similarly named Federal Information Security Modernization Act; generally, discussions of FISMA refer to the set of regulations established by both these laws.
Like most federal cybersecurity laws, FISMA constitutes a complex set of rules that are intended to be at least somewhat flexible. While the initial intention of the law was to establish standards that the IT departments for federal agencies would follow, the sprawling nature of the government and its tight interconnection with private contractors means that the FISMA umbrella covers many, many organizations including, maybe, yours.
In February 2021, the National Institute of Standards and Technology (NIST), which is a subdivision of the Department of Commerce in the United States Government, announced its nine priorities for the coming year.
While its guidance is voluntary, businesses would be well advised to follow NIST's lead, as it has become the gold standard for general Privacy and Data Security compliance in the United States.
Whether business leaders want to keep their regulators unconcerned, their clients happy, or their brand strong with regard to Privacy and Data Security, they'll need to know about NIST's new focuses.
[co-author: Tawanna Lee]
On December 17, 2020, the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force (“the Task Force”), a public-private partnership whose membership includes industry representatives from the IT and Communications sectors, as well as federal government representatives, released its Year Two Report (“Report”). This work takes on increased importance as the federal government and private sector grapple with software supply chain challenges in the unfolding SolarWinds incident.
The Report builds on prior Task Force efforts and summarizes the work of the five working groups to address challenges to information sharing, threat analysis, qualified bidder and manufacturer lists, vendor assurance, and impacts of the COVID-19 pandemic on ICT supply chains. It identifies areas for continued Task Force work to support SCRM efforts across government and industry. As various federal efforts focused on securing the ICT supply c