Biden signs order to beef up federal cyber defences

Richmond, May 13: President Joe Biden has signed an executive order meant to strengthen US cybersecurity defences in response to a series of headline-grabbing hacking incidents that highlight how vulnerable the country’s public and private sectors are to high-tech spies and criminals operating from half a world away.
The order signed on Wednesday will require all federal agencies to use basic cybersecurity measures, like multi-factor authentication, and require new security standards for software makers that contract with the federal government. Officials are hoping to leverage the federal government’s massive spending power to improve security across all types of software.
The order comes as the administration has been grappling with its response to a massive breach by Russia of federal agencies and ransomware attacks on private corporations.
Hit by a cyberattack, the operator of a major US fuel pipeline was forced to shut down service that is currently causing gas shortages throughout the Southeast. And the US sanctioned the Kremlin last month for a hack of federal government agencies, known as the SolarWinds breach, that officials have linked to a Russian intelligence unit and characterized as an intelligence-gathering operation.
The order also creates a pilot program to develop a rating system, similar to how New York City requires restaurants to display letter grades that correspond to scores received from sanitary inspections, to show whether software was developed securely.
Biden’s order would also require IT service providers that contract with the federal government to share certain information about cyber breaches, an information-sharing program that officials say will improve the county’s cybersecurity as a whole.
The order also establishes a cybersecurity safety review board that’s tasked with studying major cyber incidents and coming up with concrete recommendations. It’s modeled after the National Transportation Safety Board. As a nod to how influential the private sector is in cybersecurity, the new board will be co-chaired by an official from the government and another from the private sector. (AGENCIES)
&&