Security News > 2021 > May > A Renewed Push to Improve the Nation's Cybersecurity
Biden's Executive Order to improve the nation's cybersecurity is a good first step, but it is unlikely to materially change the defensive posture of the nation.
In response to recent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline ransomware attack, President Biden on May 12, 2021 signed an Executive Order to improve the nation's cybersecurity and protect federal government networks.
The National Institute of Standards and Technology Cybersecurity Framework and the Department of Homeland Security's Continuous Diagnostic and Mitigation Program are good examples of past attempts to strengthen the federal government's security posture and improve cyber resilience.
Improve Software Supply Chain Security: Besides establishing baseline security standards for the development of software sold to the federal government, the EO calls for the creation of a pilot program to create an "Energy star" type of certification so the government - and the public at large - can quickly determine whether software was developed securely.
Establish a Cybersecurity Safety Review Board: To analyze what happened in a cyber-attack and derive concrete recommendations for improving cybersecurity, the EO calls for the creation of a Cybersecurity Safety Review Board, which is co-chaired by government and private sector leads.
Improve Detection of Cybersecurity Incidents on Federal Networks: Acknowledging the slow and inconsistent deployment of foundational cybersecurity tools and practices across government agencies, the EO calls for the deployment of a centralized endpoint detection and response initiative, active cyber-hunting, containment and remediation, as well as incident response.