Introduction
The Cyber Threat Landscape is increasingly prominent in the news, represented by the major security breaches of SolarWinds and Colonial Gas. In recent years, the United States Federal Government has passed a number of bills that relate to Cybersecurity. One of the most comprehensive actions was just recently enacted in the Executive Order signed by President Biden on May 12th 2021: “Executive Order on Improving the Nation’s Cybersecurity.”
The Executive Order is primarily intended to address security in the Federal Government, but these requirements will quickly push out to any private sector business that works directly or indirectly with the government or falls under any form of federal regulation. Cybersecurity insurance providers are already requiring implementation of some of these new standards.
Banks are already closely monitored for IT security and are required to have stringent controls in place. There is little in the new Executive Order that is not already in the newest InTREx examination program for Information Technology. But small community banks can no longer expect to get a pass from having sophisticated tools in place to meet these standards.
It has become more important than ever to know what’s happening on your network and have the ability to react quickly if a malicious act occurs.
Here are some key features of the 34-page order.
The Key Takeaways
1. Easier Access to Intel:
In the past, there have been some strong barriers to the sharing of information and data between the US Federal Government and the private sector, namely the Cybersecurity vendors. Because of this, many threat vectors that could have been mitigated were not. But with this new legislation, all barriers are intended to be removed, so that there will be a free and smooth flow when it comes to information/data exchanges. In fact, Cybersecurity vendors are now required to inform the government if the agencies that they are doing contract work for could be at risk from an impending threat.
2. A More Proactive Mindset:
The US Federal Government has been known to use outdated technology, most notably that of the Internal Revenue Service. Upon the enactment of this Executive Order, this should soon start to change, as agencies and their related entities will now be required to completely upgrade their IT and Network Infrastructures through the following:
- Adopting the Zero Trust Framework (requiring active authentication at all times).
- Implementing Multi-factor Authentication (MFA) across all levels of government whenever confidential information and data need to be accessed.
- A total migration to a 100% Cloud based infrastructure, using a platform such as AWS or Microsoft Azure.
4. The Supply Chain Security Risk Will Be Addressed:
This has been fueled in large part by the recent SolarWinds security breach. This has been classified as a “Supply Chain Attack” in the sense that the Cyberattacker group used just a few tools from SolarWinds in order to spread their malicious payload to the hundreds of customers that were dependent upon its use. A big chunk of these victims also included the major departments of the Federal Government, including some areas in the Department of Defense (DoD). As a result, this new Executive Order now mandates that any software product that is used in any contractual work for any agency must now adhere to a much stricter set of security requirements, in addition to the accessing and processing of shared resources (such as that of data sets).
5. The Establishment of Greater Oversight:
In this regard, a National Cybersecurity Safety Review Board will be established, which will be made up of individuals from both the public and private sectors. The intention is to have the ability to investigate major security breaches, and it is expected to function much like the National Transportation Safety Board.
6. The Establishment of a National Cyber Playbook:
The use of playbooks is quite common with many of the Cybersecurity vendors, as well as for their own clients. A playbook models the various threat vectors, the possible consequences of their impact, and creates a set of rules and procedures to mitigate the risk of them impacting your business. But with this new Executive Order, one of the primary goals is to establish the framework for a national Cyber Playbook, which any public or private entity can modify and adopt and use for its own security environment.
7. A Quicker Response to Detection/Response and Investigation/Remediation:
In this regard, the emphasis is on endpoint security. For the longest time, both public and private enterprises were much more concerned about protecting the lines of network communications, and did not pay much attention to the points of origination and destination of these flows. As a result, Cyber attackers took complete advantage of this, and looked at these endpoints in order to deploy their malicious payloads and move in a lateral fashion. There will now be much greater emphasis placed upon this by the Federal Government requiring businesses to adopt and implement newer security technologies, such as the Invicta product line from Results Technology.
The newly signed Executive Order requires federal agencies and departments to “up their game” in keeping up with technology, applying strong security standards and policy controls, and most of all knowing what activity is happening on their networks. Fortunately, even small businesses can have access to enterprise-level tools like RESULTS’ Invicta to manage, report and react to cyber threats.
Conclusion
Overall, the new broad executive order is a great first step, but the key question still remains on how quickly these measures will be implemented. Brandon Wales, acting director of the Cybersecurity and Infrastructure Agency, put it best when he said “it won’t be easy, smooth or cheap, but the cost of not doing so is simply too high.” There is no time to lose as threat variants are becoming more sophisticated and deadlier each and every day. Learn more about our cybersecurity services and how we help organizations implement best practices and cybersecurity frameworks.
About the Author:
Mike Gilmore is the Chief Compliance Officer of RESULTS Technology and a Certified Information Systems Auditor (CISA) with more than 30 years’ experience in the banking industry. RESULTS Technology provides IT services to community banks across the Midwest. In his role as CCO, Mike provides compliance and risk assessments, audit and exam support and policy documentation. He can be reached at info@resultstechnology.com.