The U.S. needs to bring together the brightest minds and most advanced technologies from the public and private sectors to protect the nation from malicious cyber-attacks.
Why it’s important: Strengthening the country’s cybersecurity is achievable through close collaboration between government and industry, leveraging modern cybersecurity strategies across the entire digital ecosystem.
The background: On May 12, the Biden Administration signed an Executive Order on Improving the Nation’s Cybersecurity.
The Cybersecurity Executive Order (EO) represents a bold step in recognizing cybersecurity as a national priority and provides concrete recommendations to address ever-evolving and increasingly sophisticated threats.
The order provides numerous short-term requirements that federal agencies must meet in the coming weeks and months.
Microsoft Federal is ready to partner with federal agencies to define and drive a new era in cybersecurity.
What this means: The company is committed to answering the nation’s call to strengthen inter- and intra-agency abilities to unlock the government’s full cyber capabilities — for the immediate EO deliverables and the longer-term EO vision.
The idea: Microsoft’s communication and collaboration tools combined with its Zero Trust Architecture dramatically reduce cyber risks while protecting an agency’s sensitive systems and data.
The technology company has outlined a few immediate steps agencies can take to meet the important EO milestones:
1. Accelerate modernization by identifying and monitoring risk.
Agencies can get started by enabling sign-on applications, setting up conditional access to enforce multi-factor authentication (MFA), and registering and provisioning devices to establish a dynamic asset inventory.
2. Build on monitoring insights to establish risk-prioritized actions.
Adding a dynamic and risk-based context evaluation to authorization can be achieved through a simple and consistent centralized policy with Azure AD Conditional Access.
3. Focus on increasing protection.
Agencies can increase cyber protection by enforcing BYOD mobile device management (MDM) enrollment during authorization to provide an inventory of non-enterprise devices.
The takeaway: Working in partnership, government and industry can come together to accelerate security modernization, meet short- and long-term EO requirements and adopt a robust cyber posture that evolves with the complexity of modern government.