"Today [on Wednesday], President Biden signed an Executive Order to improve the nation’s cybersecurity and protect federal government networks. Recent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that US public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals," the release said on Wednesday. "This Executive Order makes a significant contribution toward modernizing cybersecurity defenses by protecting federal networks, improving information-sharing between the US government and the private sector on cyber issues, and strengthening the United States’ ability to respond to incidents when they occur."
The executive order requires IT service providers that work for private sector companies to share information in case of a breach as well as removes any contractual obligations precluding the providers to disclose such information. Service providers in the private sector must report breaches to the federal government within three days, according to the order.
The order also provides for the implementation of stronger cybersecurity standards in the federal government by securing cloud services, a zero-trust architecture, and mandating the deployment of multifactor authentication and encryption.
In addition, the order establishes a cybersecurity safety board that will be convened following a significant cyber incident to analyze and investigate the causes.
In the coming months to a year, an inter-agency process must identify ways to better secure federal data and strengthen cybersecurity infrastructure, the order said.
The executive order was signed amid an ongoing investigation of major cyberattacks on the Colonial Pipeline last week which led to notable fuel shortages across the southern states.