In the aftermath of major cyberattacks that threatened critical infrastructure and national security, President Biden signed an executive order Wednesday that aims to strengthen cyber defenses through increased information sharing with private industry.
Protecting our Nation from malicious cyber actors requires the Federal Government to partner with the private sector. The private sector must adapt to the continuously changing threat environment, ensure its products are built and operate securely, and partner with the Federal Government to foster a more secure cyberspace. (Executive Order on Improving the Nation’s Cybersecurity)
The order requires technology service providers to share cyber breach information, no later than three days in severe cases.
- It will also set baseline security standards around software sold to the federal government.
- And a safety review board will be established to make cybersecurity recommendations based on previous incidents.
“This is an inflection point,” said SolarWinds’ Tim Brown, Chief Information Security Officer (CISO) and Vice President of Security, referring to how industry and government have responded to recent breaches.
- In December, SolarWinds discovered a highly sophisticated cyber intruder in one of its popular applications. The intruder is believed to be linked to a Russian intelligence group.
Malicious actors often have the upper hand when it comes to successfully launching attacks, both Brown and Lester Godsey, CISO for the county of Maricopa, Arizona, agreed.
- “The fundamental issue from my perspective is that the bad guys only have to be successful once,” Godsey said. “Everyone else’s batting average has to be close to perfect as humanly possible.”
- Godsey and Brown spoke at GovLoop’s virtual summit hours just hours before the Biden administration released its cybersecurity executive order. They discussed on how government is moving forward from past cyber incidents.
Increased transparency and communication between government and industry will be key for improving national cybersecurity.
For example, SolarWinds engaged the Cybersecurity and Infrastructure Security Agency (CISA) and other intelligence agencies early in its breach discovery. “We had to give them enough understanding and detail so we could collaborate well,” Brown said, adding it was a “heavily communicated event.”
During the 2020 elections – a “unicorn event,” according to Godsey – communication was also paramount to ensuring election security in the midst of various threat vectors.
- The 2020 elections were “the most open and communicative process” Godsey had participated in from an intelligence-sharing perspective.
- Godsey’s team, the Office of Enterprise Technology (OET), regularly communicated with the county’s recorder elections department, state CISO and local fusion center, which then shared intelligence with federal agencies like CISA and the FBI.
- The day of the general election, OET shared hourly reports on the status of network traffic and intrusion attempts with its partners, shutting down credible threats that may have attempted to sway public perception on social media.
- “Communication can’t be understated,” Godsey said.
This online training was brought to you by: