Cybersecurity Executive Order Spells Out Changes for Federal Government Contractors
The Colonial Pipeline ransomware incident seems to have been the last straw that is forcing the U.S. government into action on cybersecurity. Earlier this month, President Joe Biden issued an executive order to improve the nation’s cybersecurity, which outlines significant changes in cybersecurity requirements for federal government contractors.
The order proposes improving software supply chain security, establishing a Cybersecurity Safety Review Board, creating a consumer labeling program, implementing Zero Trust Architecture and multifactor authentication, and requiring providers to share breach information that could impact government items.
A directive to implement Zero Trust Architecture throughout the federal government is among the most critical measures proposed. As we’ve discussed on this blog, Zero Trust limits access and lateral movement, looks for anomalous or malicious activity and truly embeds granular risk-based access. Basically, it eliminates the all-powerful global administrator.
The order also establishes a Cybersecurity Safety Review Board (CSRB), which will be modeled after the National Transportation Safety Board. The CSRB will be made up of federal officials as well as representatives from private-sector cybersecurity or software suppliers.
Getting these key factors and the rest of the executive order in place in a timely manner is of the utmost importance considering how the U.S. Eastern Seaboard was brought to its knees with an attack on major infrastructure.
Partner with 2W Tech to ensure you’re protected. Contact 2W Tech today to get started with your Cybersecurity Compliance Program and let our IT consultants do the work for you.