President Joe Biden signed an executive order that he says will improve the nation’s cybersecurity, following a hack of the computer systems linked to the Colonial Pipeline.
“We encourage private sector companies to follow the Federal government’s lead and take ambitious measures to augment and align cybersecurity investments with the goal of minimizing future incidents,” the White House said, while noting other past incidents such as with SolarWinds and Microsoft Exchange.
The 5,500-mile pipeline network carries gasoline and diesel from refineries in Texas and supplies about 45 percent of the fuel on the U.S. East Coast.
Atlanta-based Colonial restarted operations Wednesday afternoon after having temporarily shut down on May 7 following a ransomware attack by hackers who disabled some internal computer systems and demanded a ransom to release them.
Biden’s cybersecurity order requires that software companies contracted by the government meet certain cybersecurity standards. They will also have to report about any of their their own security breaches, and the order will remove any contractual barriers to doing so.
The order will create a test program where a particular software will be labeled with an “energy star” system so that the government and the public “can quickly determine whether software was developed securely.” The effort seeks to “use the purchasing power of the Federal Government to drive the market to build security into all software from the ground up.”
The order will also require a “zero-trust” approach to securing cloud services used by federal agencies, in part by mandating multifactor authentication and encryption within a specific time period to access such services.
Other initiatives in the order includes creating standard protocols for federal departments and agencies to respond to potential future cyber incidents. The “standardized playbook” will also serve as a guide for the private sector, the White House said.
The order also creates a “Cybersecurity Safety Review Board” that will be co-chaired by government and private sector heads to convene after significant cyber incidents to analyze and make recommendations going forward. The new board is modeled after the National Transportation Safety Board, which attends to airplane crashes and other incidents.
Under the new order, a government-wide endpoint detection and response system—a cyber technology that continually monitors and responds to address cyber threats—will be enabled on federal networks. The Biden administration will also create requirements for federal departments and agencies for logging events and retaining other relevant data within an agency’s systems and networks.