President Biden’s Final Cyber Security Executive Order  

Outgoing US President Biden will issue a cyber security Executive Order (EO) focusing on the recent damaging Chinese online attacks against US organisations.  

The proposed measures address growing threats from Chinese-linked cyber operations and criminal cyber attacks, which have targeted critical infrastructure, government emails, and major telecoms firmsUnder the draft order, contractors must adhere to stricter secure software development practices and provide documentation to be verified by the Cybersecurity and Infrastructure Security Agency (CISA). 

The ambitious final executive order requires 52 agency actions to bolster cyber protections and counter adversaries, including a new plan to address increasing digital identity theft. China’s offensive hacking campaigns has influence this EO.  

China’s aggressive global cyber activities have challenged governments in Australia, New Zealand and many others, with no detectable change in China's behaviour.   

Indeed, CISA's Director, Jen Easterly, has warned that the US must do more to protect against cyber threats posed by attackers linked to China. In fact, Chinese industrial espionage is estimated to be costing the US economy between USD $225 billion and USD $600 billion. Consequently, if the EO  serves to reduce the volume of data theft  there could be major financial savings. 

Typically, application of economic sanctions have been the initial punitive responses from US presidents to punish Chinese entities allegedly tied to cyber espionage activities.  Hover, these appear to have had no deterrent effect and have been met with equal Chinese resistance. 

Critics of the Biden administration say that it has had four years to introduce tougher measures - when they might  have had a greater impact in strengthening US preparedness - instead of delaying until its final days in power.

Furthermore, aside from the fact that EOs can be repealed by succeeding presidents, something that Biden did with Trump when he came into office, the idea of instituting these mandates when the most senior officials that helped put it together may be replaced in the new Administration seems to be counter-productive.  

US national cyber security is should be a non-partisan issue, given that no administration of either political party has gotten it right.  This is because cyber security is an evolutionary progression and not a program that can be ejected and replaced easily and it seems likely that President-elect Trump will continue to promote stronger cyber security measures.

The measure proposed in the draft EO will most  likely carried over by the Trump administration and  it is hard to argue against measures that strengthen zero-trust just because they were initiated by the opposing party. However, one facet of the EO that could likely face a setback is the section that will purportedly grant the Department of Homeland Security  and CISA too much more power.

While President Biden’s efforts at the conclusion of his term are commendable, EOs can be rescinded as quickly as they are implemented, and  these efforts would likely have been strengthened by working jointly with with the incoming Trump administration to ensure that they align with the  direction of future policy.  

Right now, it is unclear how much of Joe Biden’s last-minute executive order will be embraced by Donald Trump 

Politico   |    Oodaloop   |    CSO Online   |    CyberExpress   |   Cyberscoop   |   digWatch 

Image:

You Might Also Read: 

Trump 2.0: Cyberwarfare To Reach New Heights:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

 

« British Government Will Ban Payment For Ransom Attacks 
Tackling Cyber Threats In The Public Sector »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Digital Forensics Inc (DFI)

Digital Forensics Inc (DFI)

Digital Forensics Inc. is a nationally recognized High Technology Forensic Investigations and Information System Security firm

Resource Centre for Cyber Forensics (RCCF)

Resource Centre for Cyber Forensics (RCCF)

RCCF is a pioneering institute, pursuing research activities in the area of Cyber Forensics.

Technology Industries of Finland (TIF)

Technology Industries of Finland (TIF)

Technology Industries of Finland (TIF) is a business and labour market lobbying organization that promotes the competitiveness and business conditions of Finland’s most crucial export industry.

CyberPilot

CyberPilot

CyberPilot ApS is a Danish cybersecurity company. We work with all types of companies and organisations, both large and small, who want to achieve effective cybersecurity.

Sepior

Sepior

Our vision is to make Sepior the leading provider of cloud-encryption software in the world.

Computer Forensic Services

Computer Forensic Services

Computer Forensic Services are digital evidence specialists. Practice areas include Information Security, e-Discovery, Law Enforcement Support and Litigation.

Unitrends

Unitrends

Unitrends helps IT pros do more with less by providing an all-in-one enterprise backup and continuity solution.

Cyber Security Challenge UK

Cyber Security Challenge UK

Cyber Security Challenge UK is a series of national competitions, learning programmes, and networking initiatives designed to identify, inspire and enable more people to become cybersec professionals.

Satori Cyber

Satori Cyber

The Satori Cyber Secure Data Access Cloud is the first solution on the market to offer continuous visibility and granular control for data flows across all cloud and hybrid data stores.

Netenrich

Netenrich

The Netenrich operations intelligence platform is built from the ground up to help enterprises resolve everyday and futuristic problems for stable, secure environments and infrastructures.

Kratos Defense & Security Solutions

Kratos Defense & Security Solutions

The Kratos Space, Training, and Cybersecurity division addresses key cybersecurity challenges, including cloud security, continuous monitoring, IT security, and risk management.

Three Wire Systems

Three Wire Systems

Three Wire is a leader in innovative and efficient technology solutions for government agencies and large enterprise corporations.

Neosoft

Neosoft

Néosoft is an independent digital transformation consulting group with expertise in Consulting & Agility, Cybersecurity, Data, DevOps, Infrastructure & Cloud and Software Engineering.

Corix Partners

Corix Partners

Corix Partners is a Boutique Management Consultancy Firm focused on assisting CIOs and other C-level executives in resolving Cyber Security Strategy, Organisation and Governance challenges.

AppSOC

AppSOC

AppSOC is a leader in Application Security Posture Management (ASPM) and Code-to-Cloud Vulnerability Management.

Styx Intelligence

Styx Intelligence

Styx Intelligence’s platform provides visibility and supports remediation against threats targeting your digital assets.