Executive Summary (TLDR)

On January 16, 2025, President Biden issued an executive order (EO) which seeks to not only catalyze AI-powered cybersecurity innovation, but also to fortify the nation’s cybersecurity defenses against advanced persistent threats, particularly those from adversarial nations. Building upon EO 14028, the new EO emphasizes the need to defend vital services and critical infrastructure, to further strengthen the national cybersecurity posture. This blog seeks to summarize the latest EO, section by section, for busy cybersecurity executives.

Key sections of this directive include:

  • Operationalizing Security in Third-Party Software
  • Improving Cybersecurity of Federal Systems
  • Securing Federal Communications
  • Combatting Cybercrime and Fraud

Exploring the Key Points

Section 2: Operationalizing Security in Third-Party Software. The order states that adversaries have targeted weak links in the software supply chain, and calls for software providers to use secure software development practices to reduce the number and severity of vulnerabilities. It sets specific timelines for the Office of Management and Budget (OMB) and other agencies regarding the recommendation and implementation of both contractual requirements and artifacts of compliance with these secure development practices.

The order goes further, calling for a consortium between government and industry to provide guidance on the implementation of software development, delivery, and operations practices prescribed in NIST SP 800-218 (Secure Software Development Framework (SSDF)).

The order calls for recommendations on the use of security assessments and patching of open source software.

Section 3: Improving Cybersecurity of Federal Systems. Firstly, the order emphasizes the urgency to adopt advanced identity and access management (IAM) solutions, to enhance threat visibility and cloud security. Federal agencies are encouraged to prioritize anti-phishing authentication solutions as well. These measures build upon EO 14028 to strengthen IAM.

The directive tasks CISA with enhancing its threat hunting capabilities across the Federal Civilian Executive Branch (FCEB). This includes timely access to EDR and security operations center data, in an effort to detect coordinated threat actor campaigns, identify novel threats, and provide for robust infosec policies.

Additionally, the order directs agencies to update FedRAMP policies to secure cloud networks. The order goes on to prescribe more specific requirements for federal and civilian space systems for resiliency against evolving threats.

Section 4: Securing Federal Communications. The EO calls for enhanced authentication, encryption, and modernization of federal communications protocols, to protect communications from nation-state adversaries and criminals. Steps are outlined to improve the security of voice, video conferencing, and instant messaging systems through end-to-end encryption.

The order mandates preparation for transition to post-quantum cryptography (PQC), to offset the threat posed by emerging, advanced quantum computing technology. Agencies are directed to implement PQC algorithms as soon as they become available. Guidelines are to be developed for securely managing cryptographic keys and access tokens.

Section 5: Solutions to Combat Cybercrime and Fraud. To safeguard public benefits programs and taxpayer resources, the order calls for the adoption of digital identity verification systems that limit information shared to the minimum necessary. To reduce identity fraud, the order calls upon certain agencies such as the Social Security Administration to use identity validation services that function without sharing sensitive data. The EO tasks the Department of the Treasury with piloting technology that notifies individuals when their identity is used for payments, enabling them to stop fraudulent transactions and report to law enforcement.

Section 6: Promoting Security with and in AI. The order calls for the use of AI in bolstering cybersecurity defenses of critical infrastructure. It directs the Federal Government to accelerate AI development in vulnerability detection, threat detection, and automating cyber defense. A pilot program in the Department of Energy will be launched, using AI-powered patch management and anomaly detection, including the assessment of its effectiveness.

Conclusion

Yesterday’s processes and technologies will not win today’s cybersecurity battles. Recognizing the threat posed by advanced nation-state adversaries, this executive order challenges Federal Government agencies and private sector cybersecurity vendors to work together to transform our collective approach to cybersecurity by adopting new practices and emerging technologies.

To learn how Zafran can help transform your vulnerability management program and slash mean time to detect and mean time to respond by using advanced technology to predict the next incident before it occurs, reach out to us here.