On May 12, 2021, President Joe Biden issued a wide-ranging Executive Order “On Improving the Nation’s Cybersecurity,” which was in the works after the SolarWinds cyberattack and arrived soon after a ransomware attack on the Colonial Pipeline Company that cut off fuel supply to most of the east coast of the United States. The Order places responsibility on both the Departments of Defense and Homeland Security to require agencies to protect their data, provide for more information sharing of cyber-attacks, and establishes a cyber incident review group. The Order includes the following information and procedures relevant to all federal government contractors and subcontractors.
The Establishment of a Cyber Safety Review Board
In 2013, the Obama Administration began asking what government could do to improve cybersecurity. By February 2014, Farnam Jahanian, Assistant Director for Computer and Information Science and Engineering at the National Science Foundation, convened a three-day “idea lab” to come up with suggestions. You can see the resulting report, titled Interdisciplinary Pathways Towards a More Secure Internet, here.
One of the ideas we worked on was a “Cyber NTSB.” This concept has so much appeal because of the frustration security people feel over the lack of transparency and conflicting messaging around major cyber incidents. The breach of the Office of Personnel Management (OPM) in April 2014 may have been the trigger, but the SONY Entertainment hack later in 2014 created a lot of spurious speculation. Was it disgruntled insiders? Was it North Korea responding to a Seth Rogen movie?
[co-author: Tawanna Lee]
On May 12, 2021, President Biden issued the long-expected Executive Order on Improving the Nation’s Cybersecurity (“EO” or “Order”). The EO comes amidst a series of high-profile cyber-attacks on the Nation and its critical infrastructure, Information and Communications Technology (ICT) supply chain providers, and federal contractors, adding a heightened sense of urgency behind its implementation. In the related Fact Sheet the White House notes that “[r]ecent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals.”
By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows: Section 1.
The pipeline attack and SolarWinds hack were all but inevitable – why national cyber defense is a ‘wicked’ problem | Opinion
Updated May 11, 2021;
Posted May 11, 2021
Military units like the 780th Military Intelligence Brigade shown here are just one component of U.S. national cyber defense. (Fort George G. Meade Public Affairs Office/Flickr)
· Many U.S. companies outsource software development because of a talent shortage, and some of that outsourcing goes to companies in Eastern Europe that are vulnerable to Russian operatives.
· U.S. national cyber defense is split between the Department of Defense and the Department of Homeland Security, which leaves gaps in authority.