Biden’s cybersecurity order aims to fortify government and industry defenses

Jan. 16, 2025
President Biden’s executive order outlines new measures to bolster cybersecurity across government networks, critical infrastructure and private industry.

In a significant move to enhance the nation’s cybersecurity, President Joe Biden signed an executive order on Thursday aimed at strengthening and promoting innovation in the United States’ cybersecurity infrastructure. The directive builds on previous efforts and introduces new measures to address the growing cyber threats from adversarial nations and criminal entities.

Key Directives of the Executive Order

At the heart of the executive order is a series of directives aimed at securing government networks, drawing on insights gained from recent high-profile incidents, particularly the security lapses involving federal contractors. The order, titled “Strengthening and Promoting Innovation in the Nation’s Cybersecurity,” mandates that software vendors provide evidence of adhering to secure development practices. The Cybersecurity and Infrastructure Security Agency (CISA) will be responsible for verifying these security claims and collaborating with vendors to address any identified issues.

Other key highlights include:

  1. Enhancing federal communications and identity management: Strengthening the security of federal communications and identity management systems is a priority. This includes adopting privacy-preserving digital identity solutions to protect users from cyberattacks.
  2. Promoting innovation: The order encourages the development and deployment of new technologies, such as AI-based tools for cyber defense and post-quantum cryptographic algorithms, to stay ahead of evolving threats.
  3. Operationalizing transparency in software supply chains: The federal government will adopt secure software acquisition practices and ensure that software providers use secure development practices. This step aims to mitigate the risks posed by insecure software.
  4. Effective sanctions against cyber attackers: The order enhances the U.S. government’s ability to impose sanctions on cyber attackers, including ransomware attackers, making it more challenging for them to operate.
  5. Cybersecurity in space: The order requires enhanced protections for space systems and ground stations to address evolving threats, with agency reviews and updates to cybersecurity requirements due within 180 days.

Industry Leaders Weigh In

“President Biden’s final cybersecurity executive order takes a bold step in addressing the evolving threats our nation faces, particularly from adversarial states like China, Russia and North Korea,” said Andrew Borene, executive director of global security for Flashpoint. “With its focus on secure software standards, emerging technologies and critical infrastructure, the order demonstrates a clear understanding of the challenges at hand and the need for decisive action.”

Another aspect of the order enhances CISA’s capability to monitor cyberattacks across federal agencies by leveraging the security software those agencies already use.

Borene emphasized that requiring contractors to commit to robust cybersecurity practices and empowering CISA to hold them accountable addresses a longstanding vulnerability in the public-private ecosystem. “It helps ensure the government isn’t just a buyer but also a driver of stronger security practices,” he noted.

Marcus Fowler, CEO of Darktrace Federal, expressed his support for the executive order’s recognition of the significant potential of AI-enabled cybersecurity. He noted that while AI introduces new challenges by enabling more sophisticated and rapid attacks, it also serves as a powerful defense. “AI presents new challenges for cybersecurity by enabling greater speed, scale, and sophistication of attacks, but it also serves as our best defense,” Fowler stated.

Fowler highlighted the increasing sophistication of the threat landscape in the age of AI, with a rise in novel multi-stage and multi-domain attacks that exploit a lack of visibility and silos to move undetected between systems. He emphasized the importance of adopting AI-enabled cybersecurity tools, such as anomaly-based detection solutions, which can detect and respond to both known and novel threats. These tools are said to be crucial for maintaining the security of both public and private sector organizations.

While the executive order acknowledges AI’s ability to rapidly and effectively identify threats, Fowler believes that greater emphasis should be placed on AI’s role in stopping them.

“Specific types of AI can perform the micro decision-making necessary to respond to and contain malicious behavior in seconds,” he explained. Fowler also stressed the importance of private-public partnerships, noting that key areas of AI innovation are already occurring in the commercial space. Effective human-AI collaboration is essential for augmenting stretched security teams and helping organizations stay ahead of rising threats, he explained.

Chris Hauk, a consumer privacy champion at Pixel Privacy, expressed his approval of the executive order’s requirement for cloud providers to publish information on secure operations. He noted that many data breaches have resulted from misconfigured data buckets, often leaving sensitive information exposed to anyone with internet access and basic knowledge.

“Too many data breaches have been due to misconfigured data buckets, many times leaving the data stored in those buckets open to anyone with an internet connection and a little bit of knowledge,” Hauk explained.

Hauk also mentioned the uncertainty surrounding whether the incoming administration will maintain the executive order, but he remains hopeful that they will recognize its importance. “While it is not certain whether incoming U.S. President Donald Trump’s new administration will uphold the executive order, we can hope that they see the value in this executive order,” he stated.

James Scobey, chief information security officer at Keeper Security, emphasized the importance of workforce development in the executive order. He noted that upskilling teams in areas such as AI-driven threat analysis, compliance enforcement and secure software development is crucial for effective implementation.

“Upskilling teams in areas like AI-driven threat analysis, compliance enforcement and secure software development is essential for implementing these directives effectively,” Scobey stated. He highlighted that solutions like Privileged Access Management (PAM) and enterprise password management enable organizations to secure access to critical systems, streamline compliance, and equip teams with the necessary tools to navigate complex requirements.

Scobey also pointed out that the executive order reinforces the need for public-private collaboration and a unified approach to cybersecurity. He urged federal agencies to prioritize adopting zero-trust principles, enhancing identity and access management systems, and deploying PAM solutions to align with federal mandates.

“These proactive measures not only address compliance but also strengthen defenses against sophisticated threats targeting privileged accounts and sensitive data,” Scobey explained.

Building a Stronger Foundation

The new policies expand upon previous initiatives by the Biden administration designed to strengthen defenses against cyberattacks, whether aimed at government systems, critical infrastructure such as ports and power plants, private businesses or individual users.

Earlier this month, the White House introduced a labeling initiative to guide consumers in choosing smart devices with stronger protections against hacking. As part of the Cyber Trust Mark program, manufacturers of internet-connected products can display a label indicating compliance with federal cybersecurity standards.

About the Author

Rodney Bosch | Editor-in-Chief/SecurityInfoWatch.com

Rodney Bosch is the Editor-in-Chief of SecurityInfoWatch.com. He has covered the security industry since 2006 for several major security publications.