The United States Federal Government has in recent years passed parts of key bills that relate to the country's Cybersecurity. But probably the most comprehensive measure was recently enacted by President Joe Biden, in the Executive Order that he signed on May 12th, 2021, primarily in response to the Ransomware attacks that have been taking place.

The document itself is about 34 pages long, so in this article we summarize some of its key highlights.

The Major Highlights

1. The supply chain security risk will be addressed:

The Solar Winds breach has been classified as a “Supply Chain Attack”, in the sense that the Cyberattacker group used just a couple of the tools from Solar Winds to spread their malicious payload to the hundreds of customers that depended upon them. A big chunk of these victims were major departments of the Federal Government, especially the Department of Defense (DoD). As a result, this new Executive Order mandates that any software product used in contractual work for any agency must adhere to a much stricter set of security requirements, which also apply to the accessing and processing of shared resources (such as data sets).

2. Quicker detection/response and investigation/remediation:

In this regard, the emphasis is on endpoint security. For the longest time, both public and private enterprises were much more concerned about protecting the lines of network communications, and paid little attention to the points of origination and destination of these flows. The Cyberattacker took complete advantage of this, and literally hung out at these endpoints in order to deploy their malicious payloads and move in a lateral fashion. The Federal Government will now place much greater emphasis on protecting these endpoints.

3. The establishment of a national Cyber playbook:

The use of playbooks is quite common among Cybersecurity vendors, both internally and for their clients. With a playbook, you model the various threat vectors and the possible consequences of their impact, and create a set of rules and procedures to mitigate the risk of them impacting your business. With this new Executive Order, one of the primary goals is to establish the framework for a national Cyber Playbook, which any public or private entity can adopt and use for its own security environment.

4. The establishment of greater oversight:

In this regard, a National Cybersecurity Safety Review Board will be established, made up of individuals from both the public and private sectors. Its purpose is to investigate major security breaches, and in fact, it is hoped that it will be modeled on the National Transportation Safety Board.

5. There will be a more proactive mindset:

The US Federal Government has been known to use out-of-date technology, for example at the Internal Revenue Service. But with the enactment of this Executive Order, this should soon start to change, as agencies and their related entities will now be required to completely upgrade their IT and Network Infrastructures, by adopting the following:

  • A total migration to a 100% Cloud-based infrastructure, using a platform such as Microsoft Azure;
  • Adopting the Zero Trust Framework;
  • Implementing Multifactor Authentication (MFA) across all levels of the government when confidential information and data need to be accessed.

How Microsoft Azure Can Help

One of the biggest benefits of using Microsoft Azure is that it gives you readily available tools for coming into compliance with this Executive Order. They are as follows:

1. From the Security Console:

The following are available:

  • Data Loss Prevention;
  • Records Management;
  • Information Governance;
  • Threat Management;
  • eDiscovery.

2. From the Compliance Console:

The following are available:

  • Auditing Functionalities;
  • Communications Compliance;
  • Insider Risk Management;
  • Records/Data Management.

3. The Endpoint Manager:

This toolset will help you deploy EDR solutions to protect your endpoints, and even take further advantage of Microsoft XDR.

Conclusions

If you have any questions about the above-mentioned tools or need help in deploying them, contact us today!