To embed, copy and paste the code into your website or blog:
On Wednesday, May 12, 2021, President Biden issued an ambitious and sweeping Executive Order focused on combating digital threats to US networks and infrastructure. The Executive Order on Improving the Nation’s Cybersecurity (Cybersecurity EO) sets out to improve cybersecurity, particularly in relation to federal government systems, and follows several significant cyber incidents affecting the nation’s critical infrastructure. By leveraging the federal government’s significant purchasing power to direct agencies to develop and ultimately impose a variety of new cybersecurity mandates, the Biden Administration seeks to increase cybersecurity requirements across the federal government and a range of critical industries.
Seyfarth Synopsis:
On May 12, 2021, President Joe Biden issued a very broad, 34 page “Executive Order on Improving the Nation’s Cybersecurity.” The Executive Order, or “EO”, can be found here. This order comes six months after the notorious SolarWinds attack, and mere weeks after other high-profile attacks have invaded our networks, and shut down pieces of the nation’s critical infrastructure causing gasoline shortages in certain parts of the country.
By “force of law” the EO applies only to the federal government and federal government systems. By extension, the EO applies, or will apply, to thousands of government contractors and subcontractors that provide IT goods and services (e.g., software) to the US government. Notably, many of the cybersecurity provisions have yet to be written and many will have to go through a drafting and comment period. Other of the provisions may look “new” but have actually been around for a while (like multi-factor authentica
To embed, copy and paste the code into your website or blog:
On May 12, 2021, the Biden Administration issued an Executive Order on “Improving the Nation’s Cybersecurity” (EO). The EO was in the works prior to the Colonial Pipeline cyberattack, reportedly a ransomware incident that snarled the flow of gas on the east coast for days. Ransomware attacks are nothing new, but they are increasing in severity. Most do not see the large sums paid to hackers by victim organizations needing access to their encrypted data or wanting to stop a disclosure of sensitive information if they can. But most do see the crippling of vital infrastructure caused by compromised computer systems without which basic services cease to flow.
[co-author: Tawanna Lee]
On May 12, 2021, President Biden issued the long-expected
Executive Order on Improving the Nation’s Cybersecurity (“EO” or “Order”). The EO comes amidst a series of high-profile cyber-attacks on the Nation and its critical infrastructure, Information and Communications Technology (ICT) supply chain providers, and federal contractors, adding a heightened sense of urgency behind its implementation. In the related Fact Sheet the White House notes that “[r]ecent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals.”