President Biden’s Final Cyber Security Executive Order  

Outgoing US President Biden will issue a cyber security Executive Order (EO) focusing on the recent damaging Chinese online attacks against US organisations.  

The proposed measures address growing threats from Chinese-linked cyber operations and criminal cyber attacks, which have targeted critical infrastructure, government emails, and major telecoms firms. Under the draft order, contractors must adhere to stricter secure software development practices and provide documentation to be verified by the Cybersecurity and Infrastructure Security Agency (CISA).

The ambitious final executive order requires 52 agency actions to bolster cyber protections and counter adversaries, including a new plan to address increasing digital identity theft. China’s offensive hacking campaigns have influenced this EO.

China’s aggressive global cyber activities have challenged governments in Australia, New Zealand and many others, with no detectable change in China's behaviour.   

Indeed, CISA's Director, Jen Easterly, has warned that the US must do more to protect against cyber threats posed by attackers linked to China. In fact, Chinese industrial espionage is estimated to be costing the US economy between USD $225 billion and USD $600 billion. Consequently, if the EO serves to reduce the volume of data theft, there could be major financial savings.

Typically, the application of economic sanctions has been the initial punitive response from US presidents to punish Chinese entities allegedly tied to cyber espionage activities. However, these appear to have had no deterrent effect and have been met with equal Chinese resistance.

Critics of the Biden administration say that it has had four years to introduce tougher measures - when they might have had a greater impact in strengthening US preparedness - instead of delaying until its final days in power.

Furthermore, aside from the fact that EOs can be repealed by succeeding presidents, something that Biden did with Trump when he came into office, the idea of instituting these mandates when the most senior officials who helped put them together may be replaced in the new Administration seems counter-productive.

US national cyber security should be a non-partisan issue, given that no administration of either political party has gotten it right. This is because cyber security is an evolutionary progression, not a program that can be ejected and replaced easily. It seems likely that President-elect Trump will continue to promote stronger cyber security measures.

The measures proposed in the draft EO will most likely be carried over by the Trump administration, and it is hard to argue against measures that strengthen zero-trust just because they were initiated by the opposing party. However, one facet of the EO that could likely face a setback is the section that will purportedly grant the Department of Homeland Security and CISA too much additional power.

While President Biden’s efforts at the conclusion of his term are commendable, EOs can be rescinded as quickly as they are implemented, and these efforts would likely have been strengthened by working jointly with the incoming Trump administration to ensure that they align with the direction of future policy.

Right now, it is unclear how much of Joe Biden’s last-minute executive order will be embraced by Donald Trump.

Politico   |    Oodaloop   |    CSO Online   |    CyberExpress   |   Cyberscoop   |   digWatch 
