Connect with us

Hi, what are you looking for?

World

US President Joe Biden signs order tightening cyber security, United States News & Top Stories


WASHINGTON – President Joe Biden on Wednesday (May 12) signed a sweeping executive order designed to enhance cyber security in the wake of a series of attacks on American companies that have highlighted the vulnerabilities of data and critical infrastructure.

The executive order establishes standards similar to air safety standards, turning a thus far “laissez faire attitude” into a pre-emptive approach with industrywide standards and the establishment of a Cybersecurity Safety Review Board co-chaired by government and the private sector.

A safety labelling system may be introduced – much as New York restaurants now have safety labels in the context of the coronavirus pandemic. 

“Singapore has built a cybersecurity labelling initiative for Internet-connected devices; that’s a great starting point for the United States,” a senior administration official told reporters.  

“We simply cannot wait for the next incident to happen to be the status quo under which we operate,” the official said. “The cost of a continuing status quo is simply unacceptable.”

The executive order reflects a “fundamental shift in our mindset, from incident response to prevention”, the official said.

This came as many gas stations up and down the east coast ran out of gasoline on panic buying following the shutdown last Friday after a cyber attack of Colonial Pipeline, the company that carries almost half of all fuel used on the east coast.

On Wednesday, the company announced a gradual return to operations.

The restart took place at 5pm local time (5am Singapore time) but it would take “several days” for product delivery to return to normal, the company said. “Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal.”

The White House in a statement said: “Recent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that US public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals.

“These incidents share commonalities, including insufficient cybersecurity defenses that leave public and private sector entities more vulnerable to incidents.”

Much of US domestic critical infrastructure is owned and operated by the private sector, where companies make their own determinations on cybersecurity investments.

“We encourage private sector companies to follow the Federal government’s lead and take ambitious measures to augment and align cybersecurity investments,” the statement said.

Specifically, the executive order removes barriers to threat information sharing between the private sector and the government; companies including IT service providers will be required to share information on certain types of breaches.  

The principle is a “zero-trust security model”, the senior official said. 

The order mandates deployment of multifactor authentication and encryption. It also improves supply chain security by establishing baseline security standards for development of software sold to the government, and requires developers to maintain greater visibility into their software and make security data publicly available.





Source link

Leave your vote

Comments

0 comments

You May Also Like

Politics

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae.

Finance

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

Politics

Quis autem vel eum iure reprehenderit qui in ea voluptate velit esse quam nihil molestiae consequatur, vel illum qui dolorem eum.

Finance

Neque porro quisquam est, qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit, sed quia non numquam eius modi tempora.

Log In

Forgot password?

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections

Here you'll find all collections you've created before.