President Biden’s Final Cyber Security Executive Order

Outgoing US President Biden will issue a cyber security Executive Order (EO) focusing on the recent damaging Chinese online attacks against US organisations.  

The proposed measures address growing threats from Chinese-linked cyber operations and criminal cyber attacks, which have targeted critical infrastructure, government emails, and major telecoms firms. Under the draft order, contractors must adhere to stricter secure software development practices and provide documentation to be verified by the Cybersecurity and Infrastructure Security Agency (CISA).

The ambitious final executive order requires 52 agency actions to bolster cyber protections and counter adversaries, including a new plan to address increasing digital identity theft. China’s offensive hacking campaigns have influenced this EO.

China’s aggressive global cyber activities have challenged governments in Australia, New Zealand and many others, with no detectable change in China's behaviour.   

Indeed, CISA's Director, Jen Easterly, has warned that the US must do more to protect against cyber threats posed by attackers linked to China. In fact, Chinese industrial espionage is estimated to be costing the US economy between USD $225 billion and USD $600 billion. Consequently, if the EO serves to reduce the volume of data theft, there could be major financial savings.

Typically, the application of economic sanctions has been the initial punitive response from US presidents to punish Chinese entities allegedly tied to cyber espionage activities. However, these appear to have had no deterrent effect and have been met with equal Chinese resistance.

Critics of the Biden administration say that it has had four years to introduce tougher measures - when they might have had a greater impact in strengthening US preparedness - instead of delaying until its final days in power.

Furthermore, aside from the fact that EOs can be repealed by succeeding presidents, something that Biden did with Trump when he came into office, the idea of instituting these mandates when the most senior officials that helped put it together may be replaced in the new Administration seems to be counter-productive.  

US national cyber security should be a non-partisan issue, given that no administration of either political party has gotten it right. This is because cyber security is an evolutionary progression and not a program that can be ejected and replaced easily, and it seems likely that President-elect Trump will continue to promote stronger cyber security measures.

The measures proposed in the draft EO will most likely be carried over by the Trump administration, and it is hard to argue against measures that strengthen zero-trust just because they were initiated by the opposing party. However, one facet of the EO that could likely face a setback is the section that will purportedly grant the Department of Homeland Security and CISA too much additional power.

While President Biden’s efforts at the conclusion of his term are commendable, EOs can be rescinded as quickly as they are implemented, and these efforts would likely have been strengthened by working jointly with the incoming Trump administration to ensure that they align with the direction of future policy.

Right now, it is unclear how much of Joe Biden’s last-minute executive order will be embraced by Donald Trump.

Politico   |    Oodaloop   |    CSO Online   |    CyberExpress   |   Cyberscoop   |   digWatch 
