New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

President Biden Issues Executive Order Prioritizing Cybersecurity for US Government

On May 12th, a new Executive Order (EO) was issued that requires US federal government agencies to prioritize improvements to cybersecurity, including implementing a zero-trust model, centralizing access to security information, and requiring federal contractors to report information to the government through changes in contract language. The order states that information sharing and cooperation between the government and private industry is necessary, but the language of the order only addresses the flow of information one way: from private industry to the US government through reporting, and then from government agencies to other government agencies internally. Many companies in private industry could benefit from an increased flow of information from the government to the private sector, but that was not addressed in this order.

Some of the specific requirements of the order that will undoubtedly benefit the government agencies include:

  • Required implementation of Multi-Factor Authentication (MFA) everywhere
  • Required encryption of data at rest (unless it is not feasible)
  • Evaluation of the most sensitive data on unclassified systems that attackers might seek, to prioritize the protection and detection efforts around that data
  • Focus on early detection of threats, rather than relying on defensive controls alone
  • Implementing Zero Trust Architecture across government
  • Measures to enhance supply chain verification and validation of products
  • Standard requirements for event logging and data retention

Analyst Notes

While it remains to be seen how well the US government agencies will implement the requirements outlined in the Executive Order, private industry can benefit from focusing on some of the same recommended actions. Requiring MFA, encrypting data at rest, and especially improvements in event logging, log retention and availability to search are all important foundations of a security program. None of these measures are easy to implement, but as more companies and the US government adopt these security approaches, the number of options and quality of commercial solutions to these challenges will likely grow, and the cost should come down as a result of competition.

 

Source: https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/