Key Points
On Wednesday, May 12, 2021, President Biden issued EO 14,028, “Improving the Nation’s Cybersecurity.” The EO sets out an ambitious schedule of reviews and rulemakings that portend significant changes in the software and cybersecurity industries, particularly for government contractors and cybersecurity and software solution providers. In the view of the administration, these changes should be regarded as the new normal of what will be considered “reasonable” cyber and supply chain security practices applicable to the government and potentially the private sector in other industries and sectors.
Most importantly, the EO sets in motion a series of reviews and rulemakings around two initiatives that will directly affect certain government contractors and those who sell software and related services to U.S. federal agencies: enhancing and expanding cyber and supply chain incident reporting and threat information sharing (Section 2); and creating and enforcing softw
Advertisement
Executive Order on Improving US Cybersecurity: An Ambitious and Timely Call for a Broad Range of Cybersecurity Improvements Monday, May 24, 2021
On May 12, 2021, President Biden issued an executive order entitled
Improving the Nation’s Cybersecurity (EO). The EO was released only days after the cyberattack impacting Colonial Pipeline, and several months following discovery of the penetration of various federal agencies as a result of the Solar Winds cyber breach by Russian hackers in 2019. The 34-page EO calls for broad and ambitious changes intended to improve Federal Information System cybersecurity, and the prevention, detection, assessment, and remediation of cyber incidents that pose a risk to national and economic security. Many of the changes contemplated by the EO could have significant impacts on contractors doing business the with federal government, and greatly increase their reporting responsibilities and cybersecurity obligations. This GT
The President’s new Executive Order on Improving the Nation’s Cybersecurity includes wide-ranging measures intended to strengthen security standards for the federal government and.
To print this article, all you need is to be registered or login on Mondaq.com.
On May 12, 2021, the Biden Administration issued its much
anticipated Executive Order on Improving the Nation sCybersecurity. Below are provisions we
believe will be of most interest to contractors, as well as any
company that provides information technology ( IT ) and
operational technology ( OT ) services, cloud computing,
software, or internet of things ( IoT ) technology, as
the new regulations and standards called for in the Order are
likely to have an impact beyond government contractors.
Sec. 2 - Sharing Threat Information -
recognizes
IT and OT service providers, including cloud
To embed, copy and paste the code into your website or blog:
On May 12, 2021, President Joe Biden issued a wide ranging Executive Order “On Improving the Nation’s Cybersecurity,” which was in the works after the SolarWinds cyberattack and arrived soon after a ransomware attack on the Colonial Pipeline Company that cut off fuel supply to most of the east coast of the United States. The Order places responsibility on both the Departments of Defense and Homeland Security to require agencies to protect their data, provide for more information sharing of cyber-attacks, and establishes a cyber incident review group. The Order includes the following information and procedures relevant to all federal government contractors and subcontractors.