President Biden’s Final Cyber Security Executive Order  

Outgoing US President Biden will issue a cyber security Executive Order (EO) focusing on the recent damaging Chinese online attacks against US organisations.  

The proposed measures address growing threats from Chinese-linked cyber operations and criminal cyber attacks, which have targeted critical infrastructure, government emails, and major telecoms firmsUnder the draft order, contractors must adhere to stricter secure software development practices and provide documentation to be verified by the Cybersecurity and Infrastructure Security Agency (CISA). 

The ambitious final executive order requires 52 agency actions to bolster cyber protections and counter adversaries, including a new plan to address increasing digital identity theft. China’s offensive hacking campaigns has influence this EO.  

China’s aggressive global cyber activities have challenged governments in Australia, New Zealand and many others, with no detectable change in China's behaviour.   

Indeed, CISA's Director, Jen Easterly, has warned that the US must do more to protect against cyber threats posed by attackers linked to China. In fact, Chinese industrial espionage is estimated to be costing the US economy between USD $225 billion and USD $600 billion. Consequently, if the EO  serves to reduce the volume of data theft  there could be major financial savings. 

Typically, application of economic sanctions have been the initial punitive responses from US presidents to punish Chinese entities allegedly tied to cyber espionage activities.  Hover, these appear to have had no deterrent effect and have been met with equal Chinese resistance. 

Critics of the Biden administration say that it has had four years to introduce tougher measures - when they might  have had a greater impact in strengthening US preparedness - instead of delaying until its final days in power.

Furthermore, aside from the fact that EOs can be repealed by succeeding presidents, something that Biden did with Trump when he came into office, the idea of instituting these mandates when the most senior officials that helped put it together may be replaced in the new Administration seems to be counter-productive.  

US national cyber security is should be a non-partisan issue, given that no administration of either political party has gotten it right.  This is because cyber security is an evolutionary progression and not a program that can be ejected and replaced easily and it seems likely that President-elect Trump will continue to promote stronger cyber security measures.

The measure proposed in the draft EO will most  likely carried over by the Trump administration and  it is hard to argue against measures that strengthen zero-trust just because they were initiated by the opposing party. However, one facet of the EO that could likely face a setback is the section that will purportedly grant the Department of Homeland Security  and CISA too much more power.

While President Biden’s efforts at the conclusion of his term are commendable, EOs can be rescinded as quickly as they are implemented, and  these efforts would likely have been strengthened by working jointly with with the incoming Trump administration to ensure that they align with the  direction of future policy.  

Right now, it is unclear how much of Joe Biden’s last-minute executive order will be embraced by Donald Trump 

Politico   |    Oodaloop   |    CSO Online   |    CyberExpress   |   Cyberscoop   |   digWatch 

Image:

You Might Also Read: 

Trump 2.0: Cyberwarfare To Reach New Heights:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

 

« British Government Will Ban Payment For Ransom Attacks 
Tackling Cyber Threats In The Public Sector »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Spirion

Spirion

Spirion offers data discovery, classification, and protection tools for your business's privacy, security, and compliance program to avoid gaps and risks.

Perspective Risk

Perspective Risk

Perspective Risk provides penetration testing, security assessments, risk management & compliance solutions, InfoSec training and consultancy services.

Grimm Cyber

Grimm Cyber

GRIMM makes the world a more secure place by increasing the cyber resiliency of our client’s systems, networks, and products.

TechVets

TechVets

TechVets is a non-for-profit helping UK veterans and service leavers retrain into Cyber Security and Technology jobs.

Sompo International

Sompo International

Sompo International is a global specialty provider of property and casualty insurance and reinsurance services including Cyber & Network Risk.

Bace Cybersecurity Institute (BCI)

Bace Cybersecurity Institute (BCI)

Bace Cybersecurity Institute focuses on understanding, empowering and taking action across four critical areas driving continual improvement toward a safer, more secure cyber world.

Charities Security Forum (CSF)

Charities Security Forum (CSF)

The Charities Security Forum is the premier membership group for information security people working for charities and not-for-profits in the UK.

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71) is Singapore's first cybersecurity entrepreneur hub.

Navixia

Navixia

As a leading Swiss IT security specialist, Navixia offers a global and pragmatic approach to information security.

SIRP Labs

SIRP Labs

SIRP is a Risk-based Security Orchestration, Automation and Response (SOAR) platform that fuses essential cybersecurity information to enable a unified cyber response.

CloudSphere

CloudSphere

CloudSphere’s flagship Cloud Governance Platform enables enterprises and cloud service providers to simplify and optimize cloud migration, management, and governance.

Cado Security

Cado Security

Cado Security is pushing digital forensics, and cyber incident response to the next level with an incident response software platform and specialist consulting services.

Revere Technologies

Revere Technologies

Revere Technologies is a pure-play cyber security solutions and services provider in Sub-Saharan Africa.

CyXcel

CyXcel

CyXcel is a cyber security consulting business grounded in the law which natively fuses crises, legal, technical, and consulting expertise digital networks, information and operational technology.

CyberForce Global

CyberForce Global

CyberForce Global are at the forefront of start-up technology recruitment in areas including cybersecurity, IT infrastructure, software, fintech, blockchain and more.

Screwloose IT

Screwloose IT

Screwloose IT are a national provider of information technology services. We specialise in managed IT, cloud services, cyber security, website design and digital marketing for businesses of all sizes.