Modernizing and Implementing Stronger Cybersecurity Standards across the Federal Government.CISA and our interagency partners will also develop procedures for ensuring that cyber incident reports are shared quickly among federal agencies, enabling faster response.CISA will work with OMB to recommend contract language that makes sharing critical data easier, including breach notification thresholds and frameworks, and requires implementation of improved security measures across federal contractors.The EO creates cybersecurity event log requirements for federal departments and agencies to improve an organization's ability to detect intrusions, mitigate those in progress, and determine the extent of an incident after the fact.Improve Investigative and Remediation Capabilities.The EO improves the ability to detect malicious cyber activity on federal networks by enabling a government-wide endpoint detection and response (EDR) system and improved information sharing within the Federal Government.Improve Detection of Cybersecurity Incidents on Federal Government Networks.The playbook will ensure all federal agencies meet a certain threshold and are prepared to take uniform steps to identify and mitigate a threat and serve as a template for the private sector to use in coordinating response efforts. The EO creates a standardized playbook and set of definitions for cyber vulnerability incident response by federal departments and agencies. Create Standardized Playbook for Responding to Cybersecurity Vulnerabilities and Incidents.This board is modeled after the National Transportation Safety Board, which is used after airplane accidents and other incidents. The EO establishes a Cyber Safety Review Board, co-chaired by government and private sector leads, with the authority to convene following a significant cyber incident to analyze what happened and make concrete recommendations for improving cybersecurity.It also creates a pilot program to create an "energy star" type of label so the government - and the public at large - can quickly determine whether software was developed securely.The EO will improve the security of software by establishing baseline security standards for development of software sold to the government, including requiring developers to maintain greater visibility into their software and making security data publicly available.The EO helps move the Federal Government to secure cloud services and a zero-trust architecture, and mandates deployment of multifactor authentication and encryption within a specific time period.Modernize and Implement Stronger Cybersecurity Standards in the Federal Government.The EO ensures that IT Service Providers are able to share information with the government and requires them to share certain breach information.Remove Barriers to Threat Information Sharing Between Government and the Private Sector.
0 Comments
Leave a Reply. |