Internet Explorer 11 is not supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Joe Biden Signs Executive Order to Boost Cybersecurity

The order will increase the amount of shared information on cyberattacks and aims to improve government cybersecurity practices. The order comes just days after Colonial Pipeline temporarily closed due to a cyberattack.

(TNS) — President Joe Biden on Wednesday signed an executive order intended to strengthen U.S. cybersecurity through the sharing of information on attacks and adopting better practices throughout the government, as administration officials urged the private sector to build more secure software.

The order had been in the works for months, but it comes after a hack of Colonial Pipeline Co. forced the company to cut off the flow of fuel to much of the U.S. East Coast last Friday, leading to gasoline shortages and filling stations running out.

Colonial said Wednesday evening that the pipeline was returning to service.

A senior administration official told reporters on a conference call that the order only makes a down payment toward modernizing cyberdefenses, and stressed that the White House wants to focus on secure software development on building more secure software products for Americans.

All the software the federal government buys must meet the new standards within nine months, the official said, adding that the improvements in the federal government will be rolled out within six months.

And IT service providers that experience a hack will have new rules for sharing details about the incident, within specific timelines based on a sliding scale on the severity of the incident, added the official, who was granted anonymity to discuss the order.

The attacks on Colonial and one carried out last year on SolarWinds Corp., which compromised popular software to break into several government agencies and dozens of private companies, underscored the vulnerability of both government and private networks.

“Recent cybersecurity incidents such as SolarWinds, Microsoft Exchange and the Colonial Pipeline incident are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity,” the White House said in a Wednesday release outlining the order. “These incidents share commonalities, including insufficient cybersecurity defenses that leave public and private sector entities more vulnerable to incidents.”

But officials, speaking on condition of anonymity, said that if all the provisions in the order had been in place already, it might not have prevented the attack on SolarWinds or the Colonial Pipeline.

The order requires companies that work with the U.S. government to meet certain software standards, as well require improvements for federal agencies’ basic security practices, including mandating data encryption and two-factor authentication, the official said.

The White House intends to create a cybersecurity incident review board that would investigate attacks.

The hackers stole almost 100 gigabytes of data from Colonial Pipeline’s networks in just two hours, before locking its computers with ransomware and demanding payment, according to two people familiar with the investigation.

As a result of the shutdown of Colonial — North America’s largest petroleum pipeline — gasoline shortages spread across the U.S. South after motorists raced to fill their tanks.


©2021 Bloomberg L.P. Distributed by Tribune Content Agency, LLC
Special Projects
Sponsored Stories
Sponsored
Workplace safety is in the spotlight as government leaders adapt to a prolonged pandemic.
Sponsored
While government employees, students and the general public had to wait in line for hours in the beginning of the pandemic, at-home test kits make it easy to diagnose for the novel coronavirus in less than 30 minutes.
Sponsored
Governments around the nation are working to design the best vaccine policies that keep both their employees and their residents safe. Although the latest data shows a variety of polarizing perspectives, there are clear emerging best practices that leading governments are following to put trust first: creating policies that are flexible and provide a range of options, and being in tune with the needs and sentiments of their employees so that they are able to be dynamic and accommodate the rapidly changing situation.
Sponsored
Service delivery and the individual experience within health and human services (HHS) is often very siloed and fragmented.
Sponsored
In this episode, Marianne Steger explains why health care for Pre-Medicare retirees and active employees just got easier.
Sponsored
Government organizations around the world are experiencing the consequences of plagiarism firsthand. A simple mistake can lead to loss of reputation, loss of trust and even lawsuits. It’s important to avoid plagiarism at all costs, and government organizations are held to a particularly high standard. Fortunately, technological solutions such as iThenticate allow government organizations to avoid instances of text plagiarism in an efficient manner.
Sponsored
Creating meaningful citizen experiences in a post-COVID world requires embracing digital initiatives like secure and ethical data sharing, artificial intelligence and more.
Sponsored
GHD identified four themes critical for municipalities to address to reach net-zero by 2050. Will you be ready?
Sponsored
As more state and local jurisdictions have placed a priority on creating sustainable and resilient communities, many have set strong targets to reduce the energy use and greenhouse gases (GHGs) associated with commercial and residential buildings.