The Biden administration’s long-anticipated cybersecurity executive order lays the groundwork for modernizing cyber defenses and protecting critical services from attack by improving incident response and information sharing between the public and private sectors.
Acting CISA Director Brandon Wales testified before a Senate committee on May 11.
Brandon Wales, the acting chief of the Cybersecurity and Infrastructure Security Agency, conceded on Thursday the dozens of deadlines in the administration s new executive order will stretch the system as his agency and others work to enact President Joe Biden s wide-ranging plan to revamp the federal government s cybersecurity. I think the community is right to say this is ambitious, this is big, but I think that just reflects what s needed to confront the cybersecurity threats and risks that we face right now, Wales told reporters during an event hosted by the George Washington University s School of Media and Public Affairs.
By Justin Katz
May 13, 2021
The Biden administration’s long-anticipated cybersecurity executive order lays the groundwork for modernizing cyber defenses and protecting critical services from attack by improving incident response and information sharing between the public and private sectors.
The spate of recent high-profile attacks is a “sobering reminder” about how vulnerable public- and private-sector entities are to cyberattacks, according to a senior White House official, adding that the new EO represents a “fundamental shift in our mindset” from incident response to prevention.
It mandates several basic cybersecurity practices across the federal government such as multi-factor authentication, encryption and end point detection to be rolled out in as quickly as six months.
By Justin Katz
May 12, 2021
Lawmakers and government officials are re-examining the Transportation Security Administration s place in regulating the cybersecurity of the country s natural gas pipelines in the wake of the ransomware attack on Colonial Pipeline s business systems. The office responsible for those policies is historically short staffed and the agency has yet to address several issues brought up by government auditors in December 2018.
In this instance, Colonial Pipeline faced a crippling attack on its IT system, but the fallout from the event has regulators and lawmakers worried about how the U.S. is prepared to confront an assault on the industrial control systems that manage energy pipelines.
By Justin Katz
May 13, 2021
Is the Transportation Security Administration the best agency to be regulating the cybersecurity of the country s natural gas pipelines?
In the wake of the ransomware attack on Colonial Pipeline s business systems, lawmakers and government officials are concerned about how prepared the nation is to confront an assault on the industrial control systems that manage energy pipelines. They are also re-examining where the responsibility for the cybersecurity of energy pipelines should be housed.
The Department of Energy has been designated the sector-specific agency for cybersecurity incidents, and its Cybersecurity, Energy Security and Emergency Response office is managing response. The Cybersecurity and Infrastructure Security Agency is tracking the attack and publishing regular bulletins to industry about guarding against ransomware. The FBI is also investigating.