Security News
The problem is that while the Executive Order is a great start, the two primary requirements for putting Zero Trust into effect, MFA and encryption, don't really close all cloud security gaps. These attack vectors show the importance of SaaS security management to cloud security as a whole.
If we move too fast, while attempting to shift to the cloud, we will create more issues. Urgently configured cloud migrations make my job a breeze, especially when we're taking solutions that weren't secured well in the first place, to a new cloud environment.
TechRepublic's Karen Roby spoke with Jennifer Bisceglie, CEO of Interos, about President Joe Biden's executive order on cybersecurity. The first one talks about all software that the government purchases needs to meet new cybersecurity standards within six months, so they actually put a timeframe around it, around multi-factor authentication, endpoint detection and response of software.
There's still a lot of work to be done, but it will help companies feel better about reporting breaches and sharing information.
The compromise of SolarWinds enterprise solutions and the recent Microsoft Exchange zero-days have had a tremendous impact on the security posture of many US organizations, and it was just a matter of time before the US federal government took steps to act on these threats. While there's some focus on threat intelligence sharing between different agencies and between providers and federal agencies, I am going to be focusing this article on the more preventive security measures outlined in the EO, specifically relating to modernizing federal government IT infrastructure, supply chain security and vulnerability management.
For the US government and its suppliers, this executive order represents massive change. This post focuses on the Executive Order on Improving the Nation's Cybersecurity and its impact on cybersecurity and the zero trust approach.
Commentary: It's progress that President Biden's executive order recognizes the need to secure open source software. Writing at that time, Recordon said, "The pandemic and ongoing cyber security attacks present new challenges for the entire Executive Office of the President." Fast forward to May 2021, and President Biden issued an executive order on improving the nation's cybersecurity, with Recordon's open source fingers all over the document.
Though most of the EO is aimed at government agencies, vendors and developers will have to design all of their products with a greater focus on security, according to Finite State. With ransomware attacks increasingly impacting businesses, government agencies and critical infrastructure, President Joe Biden last week signed an executive order designed to shore up the nation's cyber security.
Companies will be more likely to update their technology to prevent infrastructure attacks in the future, and sharing intel on attacks can help, cybersecurity expert says.
On Wednesday, President Biden signed an executive order that aims to strengthen the nation's ability to prevent and respond to cyberattacks that threaten vital assets and systems. Noting that the country's insufficient cybersecurity defenses leave the public and private sectors more vulnerable to cyber incidents, the Executive Order on Improving the Nation's Cybersecurity addresses several key areas for improvement.