ADVERTISEMENT

Cyber pros skeptical of Biden’s last-minute cybersecurity executive order

President Joe Biden signed a broad executive order on cybersecurity aimed at containing malicious cyber-enabled threats, such as attacks against critical infrastructure, ransomware, other intrusions, and sanction evasion. The document expands the criteria to designate individuals and entities for sanctions.

US cybersecurity, executive order

Image by Cybernews.

Ernestas Naprys
Ernestas Naprys Senior Journalist
Jan 17, 2025 Updated: 17 January 2025 2 min read

What’s in the document?

  • Third-party supply chains – The document states that insecure software remains a challenge and introduces new requirements for vendors working with the federal government. Those include attestations, updates to secure software development guidelines, and requirements for agencies to better manage risks in supply chains, including the use of open-source software.
  • Federal cybersecurity systems – Agencies will have to implement phishing-resistant authentication standards. The order gives CISA expanded access and powers to hunt for threat actors across networks. New requirements for space systems, including satellites and ground systems.
  • Federal communications – Federal agencies must implement stronger identity authentication encryption across email, DNS traffic, Internet routing, and modern communications, such as voice and video conferencing. These agencies will also have to transition to post-quantum cryptography.
  • Combating cybercrime and fraud – The document pushes for wider acceptance of digital identity documents and mobile driver’s licenses. Digital verification has to be interoperable, prevent surveillance and tracking, and support privacy and data minimization by often using “yes/no” validation (such as whether an individual is older than a specific age). A new pilot program is planned that alerts people when their identity is being used to request benefits payments, letting them stop potential transactions before they occur.
  • Artificial intelligence (AI) – The government plans to integrate advanced AI models into cyber defense and directs federal agencies to prioritize research on AI cybersecurity topics like human-AI interaction and the security of AI-generated code.
ADVERTISEMENT

Doubts surround the ambition

vilius Jurgita Lapienyte Gintaras Radauskas Niamh Ancell
Get our latest stories today on Google News
Add us as your Preferred Source on Google.
ADVERTISEMENT