USA: President issues executive order on improving national cybersecurity
The White House issued, on 12 May 2021, Presidential Executive Order on Improving the Nation's Cybersecurity. In particular, the order seeks to improve US cybersecurity and protect Government networks following recent security incidents, such as the ones involving SolarWinds, Microsoft Exchange, and Colonial Pipeline, and sets out measures to:
- remove barriers to threat information sharing between government and the private sector: the order seeks to ensure that IT service providers are able to share information with the Government and requires them to share certain breach information;
- modernise and implement stronger cybersecurity standards in the Government: the order helps to move the Government to secure cloud services and a zero-trust architecture, and requires the deployment of multifactor authentication and encryption with a specific time period;
- improve software supply chain security: the order attempts to establish baseline security standards for the development of software sold to the Government to improve software security;
- establish a cybersecurity safety board: the order establishes a Cybersecurity Safety Review Board, co-chaired by government and private sector leads, which may analyse what happened following a major cyber incident and provide recommendations on improving cybersecurity;
- create a standard playbook for responding to cyber incidents: the order creates a standard playbook which may be utilised by federal departments and agencies for cyber incident response;
- improve detection of cybersecurity incidents on federal networks: the order seeks to improve the ability to detect malicious cyber activity using a government-wide endpoint detection and response system and improved information sharing within the Government; and
- improve investigative and remediation capabilities: the order requires cybersecurity event logs for federal departments and agencies.
UPDATE (4 January 2022)
DHS launches cyber safety review board
The U.S. Department of Homeland Security ('DHS') launched, on 3 February 2022, the Cyber Safety Review Board ('CSRB'), which is a public-private initiative that will bring together government and industry leaders to elevate the nation's cybersecurity.
The DHS stated that the CSRB will review and assess significant cybersecurity events so that government, industry, and the broader security community can better protect U.S. networks and infrastructure and its first review will focus on the vulnerabilities discovered in late 2021 in the widely used Log4j software library
You can read the press release here.
UPDATE (7 January 2022)
NIST publishes various guidances as required under EO 14028
The National Institute of Standards and Technology ('NIST') published, on 4 February 2022, guidances as required under Executive Order ('EO')14028. In particular, NIST stated that Section 4 of the EO called for NIST to publish a variety of guidances that identifies practices to enhance software supply chain security, with references to standards, procedures, and criteria and it required NIST to initiate two labeling programs related to the Internet of Things ('IoT') and software to inform consumers about the security of their products.
You can read the press release and access the five guidances here.
UPDATE (17 June 2022)
CISA publishes draft guidance on cloud use case
The Cybersecurity and Infrastructure Security Agency ('CISA') announced, on 16 June 2022, that it had published a draft guidance on cloud use case titled 'Trusted Internet Connections 3.0, Cloud Use Case'. In particular, the draft builds upon the cloud security technical reference architecture required by the President's Cybersecurity Executive Order, and provides detailed architectural guidance on several different aspects of cloud services, to the end of securing federal data, networks, and boundaries while providing visibility into agency traffic, including cloud communications.
You can read the press release here.