President Biden's executive order to strengthen U.S. cybersecurity will impact federal agencies and public and private sector organisations
On May 12, President Joe Biden issued the Executive Order on Improving the Nation’s Cybersecurity. This executive order (EO) is the most recent action by the administration to strengthen U.S. national cyber defenses and address cybersecurity threats and attacks that continue to grow in magnitude, impact and frequency. It is intended to protect networks in the federal, public and private sectors, and to strengthen the nation’s ability to respond to cyber attacks when they occur, as well as to improve information sharing between the U.S. government and the private sector.
The EO is a step toward shifting government action from responding to attacks after they occur to preventing them.
It aims to remove barriers to sharing threat information between the public and private sectors.
The EO should dramatically improve the intrusion detection capabilities on federal government networks.
Based upon an initial interpretation of the EO, organisations should anticipate new regulations, such as Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS), for those that do business with the U.S. federal government. Organisations can also expect new enforcement to ensure cybersecurity compliance, as well as new structures to enhance speed and coordination among federal agencies to respond to future incidents. This will have a trickle-down effect on all current security frameworks in federal agencies, as they will need to be revised to be in compliance with the EO’s new cybersecurity standards. In turn, these standards will trickle down to organisations working with or receiving grants from the federal government.
Protiviti can assist organisations with preparing to respond to the evolving threats posed by cyber attacks. Our professionals can:
- Help prepare, assess and remediate organisations’ compliance with U.S. government data and privacy protection regulations including FAR, DFARS, NIST SP 800-53, NIST SP 800-171, and Cybersecurity Maturity Model Certification (CMMC).
- Assist organisations in properly evaluating, planning and executing the transition to a secure, modernised and efficient cloud computing environment.
- Assist with cybersecurity incident response planning, execution, emergency response and crisis management.
- Help organisations evaluate, plan and execute the transition to a zero trust architecture across their environment (e.g., in the cloud and on-premises) by implementing zero trust principles and adhering to guidance such as NIST SP 800-207.
- Assess, plan, implement and orchestrate MFA and encryption solutions to better protect digital assets.
To discuss further, reach out to Protiviti at [email protected].