Biden issues executive order following mounting cyberattacks
President Biden signed an executive order Wednesday to improve the country’s cybersecurity following a series of high-profile cyberattacks in both the public and private sectors.
Why it matters: The United States is facing mounting cyberattacks — from the Colonial Pipeline hack to the SolarWinds and Microsoft Exchange attacks — and the Biden administration is feeling pressured to act quickly to combat vulnerabilities in the country’s infrastructure.
Details: The executive order will remove barriers to increase information sharing between the government and private sector to allow IT service providers to report breaches.
- “We'll be leading an effort to really solidify those details and define the threshold that needs to be shared for specific incidents, but it needs to be shared within specific timelines on a sliding scale based on the severity of the incident,” a senior administration official explained.
The order will also implement stronger cybersecurity standards across the federal government, including moving to secure cloud-based services.
- A senior administration official noted that outdated models or unencrypted data is one of the causes of compromised data, and the government must act as a leader in the space.
The order establishes a Cybersecurity Safety Review Board, modeled on the National Transportation Safety Board, to investigate incidents.
The executive order will also create baseline security standards for any software sold to the government, which in part will require developers to allow for greater visibility into their security data and software creation.
- “Colonial fundamentally was an IT incident, and this executive order will make IT software more secure,” an administration official said, noting that with more rigorous standards put in place, some of these IT incidents can be mitigated.
What we're watching: The administration official noted this is just one step in Biden’s push to strengthen America’s cybersecurity apparatus. Several lawmakers have called for the passage of cybersecurity bills in the wake of the latest attacks.