After a series of supply chain and ransomware attacks, the federal government is ramping up its effort to improve the nation’s cybersecurity. In the past several months, multiple federal departments and agencies announced new policy initiatives and regulatory directives to drive their cybersecurity agenda forward, and state regulators are following the trend. It is unmistakably clear that companies in regulated sectors are entering a new era of cybersecurity regulatory compliance. And although much of this early action targets specific sectors (e.g., government contractors, pipeline operators, and public companies), these requirements will indirectly touch companies in other sectors and are a preview of broader regulation to come. Here, we discuss recent notable actions on cybersecurity by federal and state government agencies.
On May 12, 2021, President Joe Biden signed the Executive Order on Improving the Nation’s Cybersecurity. The order focuses on improving the executive branch’s cybersecurity posture in response to recent supply chain and ransomware attacks. The order calls for:
- Contractually obligating IT and OT service providers to share threat information with and disclose cyber incidents to their federal counterparts
- Accelerating the migration of federal IT systems to secure cloud services, promoting a zero-trust security model, and enabling multi-factor authentication and data encryption
- Calling for a national cyber incident review board (modeled on the National Transportation Safety Board, which investigates significant transportation incidents)
- Establishing baseline security standards for the development of software sold to the government by requiring developers to maintain greater visibility into their software and making security data publicly available
- Deploying endpoint detection and response (EDR) systems across federal networks
- Implementing enhanced logging at federal departments and agencies
OPEN LETTER TO BUSINESS OWNERS ABOUT THEIR CYBERSECURITY
The White House also published an open letter to U.S. business leaders and executives, urging them to implement protective measures against ransomware attacks. The letter confirms that disrupting ransomware actors is one of the Biden administration’s top priorities and recommends that private companies adopt the following security measures against ransomware attacks:
- Implementing security measures such as MFA, encryption, and EDR
- Periodically testing the integrity of backups
- Regularly updating and patching systems
- Testing the company’s incident response plan
- Applying network segmentation where possible
The White House also emphasized cybersecurity and the need to impose consequences on criminal actors during meetings with foreign leaders. At the G7 summit, world leaders, including Biden, identified ransomware as one of the biggest threats to people and businesses around the globe and urged Russia to “identify, disrupt, and hold to account” cybercriminals operating from the country.
Biden continued this emphasis on July 9, 2021, several days after another massive ransomware attack by the REvil ransomware gang (believed to operate in Russia) affected more than 1,000 businesses over the July 4 weekend. Following those remarks, on July 13, all infrastructure tied to the REvil ransomware group, including its data leak and payment sites, went offline.
On July 14, the White House announced a new ransomware task force to coordinate both defensive and offensive actions against ransomware operators, which may include launching cyberattacks against foreign ransomware operators. Some lawmakers and policymakers, such as Sen. Mark Warner, D-Va., and Energy Secretary Jennifer Granholm, are taking it a step further by suggesting that ransom payments should be made illegal for U.S. companies to remove financial incentives for cyber criminals.
Does your company have these security measures in place? If not, then it is time to give us a call or fill out a form at: Cybersecurity services | Long Island, NY | Motiva