Improving the Nation's Cybersecurity
May 17, 2021
Signed by: Joe Biden
Signed on: May 12, 2021
Published on: May 17, 2021
Summary
Makes federal computer systems safer by working with private companies and using modern security tools to stop cyber attacks.
What problem does this solve?
The United States faces constant and clever cyber attacks that put government and private information at risk, and current defenses are not strong enough. This order requires the government to update its security, share threat information with private companies, and make sure software it uses is built safely.
What does this order do?
Removes barriers to sharing threat information
Updates government contracts to require IT and OT service providers to share information about cyber threats and incidents with federal agencies like CISA and the FBI, helping to speed up response efforts.
Modernizes federal government cybersecurity
Requires federal agencies to adopt modern security practices, including moving to secure cloud services and implementing a 'Zero Trust Architecture,' which assumes no person or device is automatically trusted.
Enhances software supply chain security
Creates new standards for software sold to the government, requiring developers to prove their products are secure and to provide a 'Software Bill of Materials' (SBOM) listing all software components.
Establishes a Cyber Safety Review Board
Creates a board of government and private-sector experts to review major cyber incidents, similar to how the NTSB investigates plane crashes, and recommend improvements to prevent future events.
Reference header: Standardizing the federal government's playbook for responding to cybersecurity vulnerabilities and incidents
Creates a standard playbook for incident response
Develops a single, standardized playbook for all federal agencies to use when responding to cybersecurity incidents. This ensures a coordinated and effective response across the government.
Reference header: Improving detection of cybersecurity vulnerabilities and incidents on federal government networks
Improves threat detection on federal networks
Requires federal agencies to deploy Endpoint Detection and Response (EDR) tools. These tools help proactively hunt for threats on government computers and networks to find and stop attacks earlier.
Reference header: Improving the federal government's investigative and remediation capabilities
Strengthens investigation and remediation capabilities
Sets new requirements for agencies to collect and keep system logs. These logs provide valuable information to help investigate and fix problems after a cyber incident occurs.
Who does this affect?
- Federal government agencies
- Private technology companies and service providers
- Cybersecurity professionals
What is the real world impact?
• Creates a national standard for cyber defense
Establishes a baseline for cybersecurity across all federal agencies and their private contractors. This ensures a more unified and effective defense against widespread cyber threats by making everyone follow the same set of strong rules.
• Increases transparency in the software supply chain
Requires software sellers to provide a list of all components in their products, similar to an ingredients list for food. This helps the government understand potential security risks in the software it buys and uses.
When does this start?
This order sets multiple deadlines for federal agencies and departments to develop new cybersecurity standards, plans, and reports.
Agency plans for Zero Trust Architecture
Within 60 days (July 11, 2021), each federal agency must develop and submit a plan to implement Zero Trust Architecture and prioritize the use of cloud technology.
Standard incident response playbook
Within 120 days (September 9, 2021), the Department of Homeland Security must develop a standard playbook for federal agencies to use when responding to cyber incidents.
Adoption of multi-factor authentication and encryption
Within 180 days (November 8, 2021), federal agencies must adopt multi-factor authentication and encryption for data to the greatest extent possible.
Initial Cyber Safety Review Board report
Within 90 days of its establishment, the new Cyber Safety Review Board must provide recommendations to the Secretary of Homeland Security based on its first review of a major past incident.
New contract rules for threat sharing
Within 60 days (July 11, 2021), OMB must review and recommend updates to federal contract rules to remove barriers that prevent IT providers from sharing threat information with the government.

