15 May President Biden Issues Executive Order Improving Cybersecurity
Written by: Brett Lawrence, Esq.
On May 12, 2021, President Joe Biden signed an executive order to improve the nation’s cybersecurity and protect the federal government’s networks (the “Order”). In their official statement, the White House expressly mentioned that the Colonial Pipeline and other cybersecurity incidents were “sobering reminders” that malicious cyber activity remains prevalent.
The Order made clear that this does not obligate private sector companies to implement any adjustments to their information systems. However, the White House noted that it was their hope that the Order would encourage private sector companies to increase their cybersecurity practices.
Specifically, the Order implements the following protocols and procedures:
1. Removes Barriers to Sharing Threat Information
The Order incentivizes IT service providers to share information with government agencies by removing contractual barriers in the hopes of accelerating incident deterrence and prevention. Previously, these providers were limited in the amount of threat or incident information they could share.
2. Modernizing Federal Government Cybersecurity
The Order obligates the federal government to modernize its cybersecurity practices, such as security best practices, moving to cloud-based services and zero-trust architecture, and adopting two-factor authentication.
3. Enhancing Software Supply Chain Security
The Order requires the establishment of baseline security standards for developing software sold to the federal government. This includes requiring developers to maintain greater visibility into their software and making security data publicly available. The Order further creates an “energy star” label for government and the private sector to gauge the software’s level of security.
4. Creating a Cyber Safety Review Board
The Order instructs the Department of Homeland Security to create the Cyber Safety Review Board (the “Board”). The Board will be tasked with assessing “significant” cyber incidents affecting public and private information systems. The Board will comprise of government and private-sector entities.
5. Standardizing the Response to Cyber Incidents
The Order creates a standardized playbook and set of definitions for cyber incident response across all government departments and agencies.
6. Improving the Federal Government’s Detection of Cybersecurity Incidents
The Order improves the ability to detect malicious cyber activity by enabling system-wide endpoint detection and response systems and information sharing.
7. Improving the Federal Government’s Investigative and Remediation Capabilities
The Order requires event log requirements for all government departments and agencies.