On May 12, 2021, President Joe Biden signed an executive order aimed at modernizing the nation’s cybersecurity defenses against persistent and increasingly sophisticated cyberattacks that threaten the public sector, the private sector, and ultimately the American public’s security and privacy. This order provides guidance on establishing ways to identify, deter, protect against, detect, and respond to the malicious actions and actors behind various cyberattacks by leveraging zero trust security. The order mainly highlights two things:
Transparency and sharing
Any barriers preventing the sharing of threat intelligence must be removed in favor of ensuring greater transparency. Information from network and system logs for both on-premises and cloud systems is invaluable for both investigation and remediation purposes. All information must be trackable and allow for actionable intelligence.
Genians Responses:
- Genians achieves ISO 27001 Certification
- Openness, transparency, and sharing together provide the key for building the foundation of a safe and secure world
- Sharing device platform intelligence that correlates technology information with business context to understand where vulnerabilities may exist.
- Control vulnerable devices by CVE correlation
- Security automation, sharing data without enforcement?
Reformation
By adopting Zero Trust Architecture, we can fundamentally rebuild our cybersecurity foundations to secure IT and OT seamlessly rather than patching whenever incidents occur.
Genians Responses:
- Two fundamental elements for enabling digital trust in the 5G/IoT era
- Zero trust security: Securing nodes rather than the perimeter
- Enhanced micro-segmentation for IoT
- NAC built-in RADIUS and VPN for secure remote access
- Security risks of the Work From Home (WFH) model
- Introducing Zero Trust Network Access Control (Zero Trust NAC)
Team Genians will be publishing additional blog posts explaining how to effectively support the following specific points of guidance released as part of the President’s Order. We will guide you through the best methods for reforming your cybersecurity foundation by leveraging the Genians cybersecurity platform, ensuring full network surveillance across all connecting points (nodes), and providing dynamic access control to maintain compliance with IT security policies. We will also cover how to orchestrate an organization’s entire security portfolio in concert with Device Platform Intelligence (DPI), Network Access Control (NAC), and Endpoint Detection and Response (EDR), all for the purpose of achieving an optimally secure network edge.
Sec. 1. Policy.
Cybersecurity requires more than government action. Protecting our Nation from malicious cyber actors requires the Federal Government to partner with the private sector. The private sector must adapt to the continuously changing threat environment, ensure its products are built and operate securely, and partner with the Federal Government to foster a more secure cyberspace. In the end, the trust we place in our digital infrastructure should be proportional to how trustworthy and transparent that infrastructure is…
Incremental improvements will not give us the security we need; instead, the Federal Government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life. The Federal Government must bring to bear the full scope of its authorities and resources to protect and secure its computer systems, whether they are cloud-based, on-premises, or hybrid. The scope of protection and security must include systems that process data (information technology (IT)) and those that run the vital machinery that ensures our safety (operational technology (OT)).
Sec. 2. Removing Barriers to Sharing Threat Information.
Removing these contractual barriers and increasing the sharing of information about such threats, incidents, and risks are necessary steps to accelerating incident deterrence, prevention, and response efforts and to enabling more effective defense of agencies’ systems and of information collected, processed, and maintained by or for the Federal Government.
Sec. 3. Modernizing Federal Government Cybersecurity.
The Federal Government must adopt security best practices; advance toward Zero Trust Architecture; accelerate movement to secure cloud services, including Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS); centralize and streamline access to cybersecurity data to drive analytics for identifying and managing cybersecurity risks; and invest in both technology and personnel to match these modernization goals.
Sec. 4. Enhancing Software Supply Chain Security.
The development of commercial software often lacks transparency, sufficient focus on the ability of the software to resist attack, and adequate controls to prevent tampering by malicious actors. The security and integrity of “critical software” — software that performs functions critical to trust (such as affording or requiring elevated system privileges or direct access to networking and computing resources) — is a particular concern.
Sec. 7. Improving Detection of Cybersecurity Vulnerabilities and Incidents on Federal Government Networks.
The Federal Government shall employ all appropriate resources and authorities to maximize the early detection of cybersecurity vulnerabilities and incidents on its networks. This approach shall include increasing the Federal Government’s visibility into and detection of cybersecurity vulnerabilities and threats to agency networks in order to bolster the Federal Government’s cybersecurity efforts.
Sec. 8. Improving the Federal Government’s Investigative and Remediation Capabilities.
Information from network and system logs on Federal Information Systems (for both on-premises systems and connections hosted by third parties, such as CSPs) is invaluable for both investigation and remediation purposes. It is essential that agencies and their IT service providers collect and maintain such data and, when necessary to address a cyber incident on FCEB Information Systems, provide them upon request to the Secretary of Homeland Security through the Director of CISA and to the FBI, consistent with applicable law.