The intentions of the Biden Administration to strengthen the US cyber security, following the SolarWinds, Microsoft and Colonial Pipeline cases, seem to be very clear: the aim is to increase the cybersecurity defences.
The President of the United States of America, Joe Biden, has incisively expanded and enhanced the powers of the NSA (National Security Agency), an agency of the Department of Defense and the main governmental organization of digital surveillance. Responsibilities have been expanded with respect to cybersecurity and cyber defense to protect the country from hostile activities by state actors or cyber criminals, internal or external, acting in their own interests and to the detriment of the United States. The memorandum can be downloaded from this link.
This memorandum introduces cybersecurity practices, standards, and requirements (e.g., two-factor authentication and use of encryption, cloud technologies, detection services) for the federal architecture responsible for the nation’s cybersecurity, i.e., the Department of Defense, the Intelligence Agencies, and all federal contractors that support them. Executive Order 14028 stems from the Federal Government’s desire to pursue specific refinement goals with respect to its ability to identify, protect, detect, and respond to malicious cyber operations and their actors through significant cybersecurity changes and investments.
It consists of seven fundamental points:
- Removing barriers to sharing threat information between government and the private sector, to enable more effective departmental defenses and to improve cybersecurity for the nation as a whole.
- Modernizing government cybersecurity by implementing more rigorous cybersecurity standards in government, focusing on zero-trust solutions
- Improving and strengthening software supply chain security.
- Establishment of a cyber security review board, Cyber Safety Review Board, at the Department of Homeland Security, for which the public (Department of Defense, Department of Justice, CISA, NSA, and FBI) and private sectors must immediately come together following significant attacks to analyze the event and prepare necessary defense actions.
- Standardization of the so-called “Playbook,” which is a standard government manual focused on topics related to resolving system vulnerabilities and mitigating cybersecurity incidents that can be consulted by both federal agencies and the private sector.
- Refining the ability to detect vulnerabilities and cybersecurity incidents on Federal Government networks.
- Refinement of the Federal Government’s investigative and remediation capabilities
In addition, the National Security Agency is given broad powers to issue directives, including binding directives, to federal agencies.
These agencies, in fact, must assume specific behaviors, actions and protocols for an effective action of opposition and contrast to threats and vulnerabilities in federal information systems and networks.
These are directives with which the NSA could impose, for example, the obligation to install certain patches, take offline certain systems or uninstall software considered potentially harmful.