A Cyber Executive Order For the 21st Century

The long-expected Executive Order On Improving the Nation’s Cybersecurity was published Wednesday, May 12, 2021. My initial reaction is positive. It calls for using multifactor authentication and encryption within Federal agencies after all, things th…

Biden signs security-focused executive order meant to accelerate breach reporting, boost software standards

President Joe Biden on Wednesday signed an executive order that will significantly tighten cybersecurity rules for government contractors and set up an incident review board to try to blunt the impact of major hacks. The directive comes as the U.S. government continues to grapple with the fallout from breaches at key software suppliers and the disruption of a national pipeline operator by ransomware. The executive order requires federal contractors to promptly report cyber incidents to agencies, and it establishes a new government entity modeled after the National Transportation Safety Board to review major breaches. It will also require software that the government buys to meet a baseline set of security standards — an effort to make it harder for hackers to tamper with code that ends up on federal networks. “The current market development of build, sell and maybe patch later means we routinely install software with significant vulnerabilities into […]

The post Biden signs security-focused executive order meant to accelerate breach reporting, boost software standards appeared first on CyberScoop.


Creating an Effective Cybersecurity EO

In 2008, the day before the presidential elections, I wrote an open letter to President Obama. I should have cc’ed the vice president. It’s been more than 12 years since I provided my suggestions for securing the federal government against cyberattack…

Biden Administration Drafting EO to Help U.S. Gov’t Secure Digital Supply Chain

The Biden administration said it’s drafting an executive order to help the United States government better defend itself against digital supply chain attacks.

A Step Up for Federal Procurement

According to NPR, the executive order that’s being drafted …

100 Days Down, 1,360 Days of Nation-State Cybersecurity Threats to Go

This week marks the milestone of the Biden Administration’s first 100 days. It is somewhat arbitrary to expect an incoming president to achieve significant progress in just 100 days, or to judge success or failure based on such a small span of tim…

U.S. Requires Servers to Ban TikTok, WeChat Traffic

On Sunday, Sept. 20, Chinese company ByteDance’s TikTok and WeChat die. President Trump’s executive order, which prohibits any “transactions” with ByteDance thereafter, has now been clarified to note that “transactions” include both the transfer of da…

Trump issues executive orders that will ban transactions with TikTok, WeChat parent companies

President Donald Trump issued two executive orders Thursday that will ban making transactions with Chinese tech companies ByteDance and Tencent as of Sept. 20. The two companies own widely popular applications — ByteDance owns video-sharing app TikTok, while Tencent operates messaging service WeChat — that have been characterized as national security threats. Trump has expressed particular concern over TikTok in the last week, telling reporters over the weekend that he was looking to ban the app in the United States. In the executive order, Trump says TikTok allows the Chinese government to capture vast swaths of data from U.S. citizens, censor content it deems politically sensitive, and use it for disinformation campaigns. “The United States must take aggressive action against the owners of TikTok to protect our national security,” the order reads. TikTok is wildly popular, having been downloaded more than 2 billion times worldwide, including 165 million times in […]

The post Trump issues executive orders that will ban transactions with TikTok, WeChat parent companies appeared first on CyberScoop.


Citing hacking threats, Trump limits foreign-sourced equipment in U.S. electric sector

President Donald Trump on Friday issued an executive order barring federal agencies and companies under U.S. jurisdiction from installing foreign-owned equipment in the electric sector that might pose “an unacceptable risk to national security.” The sweeping directive authorizes Trump’s energy secretary, Dan Brouillette, to work with U.S. national security agencies and the energy industry to vet equipment before it gets installed, and to identify vulnerable gear already in place. It is the latest move by the administration to clamp down on foreign-sourced software and hardware, following an order last year covering U.S. companies’ procurement of telecommunications gear. The new executive order covers equipment procured and installed in the “bulk-power system” — or infrastructure used in electricity generation and transmission, and generally not distribution. “Foreign adversaries are increasingly creating and exploiting vulnerabilities” in that system, including through “malicious cyber activities,” Trump said in the order. One of the more notable hacking operations to target the U.S. […]

The post Citing hacking threats, Trump limits foreign-sourced equipment in U.S. electric sector appeared first on CyberScoop.


Commerce Department proposes rules for implementing Trump’s supply-chain security order

The Department of Commerce on Tuesday outlined how it might implement a White House order that gives the department broad leeway to ban foreign parts in U.S. IT and communications supply chains because of security concerns. Secretary of Commerce Wilbur Ross will “adopt a case-by-case” approach to determining what components will be banned, drawing on assessments from the Department of Homeland Security and the Office of the Director of National Intelligence, the department said in a statement. Under the proposal, before making a final decision to exclude a foreign company from U.S. digital supply chains, the Commerce Secretary would notify the company, giving it the opportunity to address security concerns and avoid a ban. The secretary would send an unclassified ruling to the parties explaining the decision and make that public when appropriate. The proposal is a key step toward making a more stringent national policy governing U.S. supply chains a […]

The post Commerce Department proposes rules for implementing Trump’s supply-chain security order appeared first on CyberScoop.


Executive Order on America’s Cybersecurity Workforce: From Strategy to Reality

President Donald Trump’s recent Executive Order on America’s Cybersecurity Workforce has created surprisingly little buzz within the cybersecurity training community. This is likely because, as exciting as it is to have the leader of the free world fo…