On May 12, 2021, President Biden issued an executive order on improving the nation’s cybersecurity. In the year since the executive order’s release, the federal government has implemented a host of cybersecurity initiatives, standards and policy measures to protect agencies and their industry partners against the increasing threat of cyber attacks.
March 2022 saw three notable achievements in alignment with the executive order across the federal government; but there are still impending hurdles to overcome and deadlines to meet before the order is fully implemented.
Join the Potomac Officers Club on May 24 for its Reframing Cyber Posture Around Data Collection, Analysis, and Action Forum to learn more about the implications of the cybersecurity EO. Register here.
The Office of Management and Budget has directed agencies to begin implementing new software supply chain security guidance as outlined by the National Institute of Standards and Technology. In a document published March 7, OMB said federal agencies must integrate the guidance into existing software lifecycle management and acquisition processes “to ensure purchase of only secure and trustworthy products.”
NIST is expected to provide updated guidance in the following months based on industry response and input.
Also on March 7, the Cybersecurity and Infrastructure Security Agency released a draft paper on applying zero trust to enterprise mobile devices. CISA’s guidance aims to help federal agencies attain zero trust through architectural frameworks and mobile security approaches. Feedback on the draft closed Apr. 18.
The National Cybersecurity Center of Excellence at NIST also published guidelines for integrating manufacturing operational technology systems with information technology systems while mitigating risk and ensuring security. These guidelines give manufacturers solutions that will help to fortify internal control systems from increasing attacks.
The Potomac Officers Club’s Reframing Cyber Posture Around Data Collection, Analysis, and Action Forum will gather federal and industry officials at the leading edge of cybersecurity to discuss the progress made in the year since the executive order’s issuance as well as the importance of data in the government’s EO implementation.