Biden EO Has Teeth, But May Prove Difficult to Implement
Wednesday, May 19, 2021
President Biden served up an Executive Order, prompted by fallout from the SolarWinds attack, that has drawn praise for the administration’s obvious commitment to cybersecurity and its willingness to put the weight of the federal government’s purchasing power behind ambitious plans to bolster the nation’s security. But experts worry that the elements that make it a standout order will also trip up its rollout.
Calling the EO “laudable,” ImmuniWeb CEO and chief architect Ilia Kolochenko said it could be “arduous to implement” in the short timeframe established. Many federal government agencies and entities, he said, still can’t meet FISMA requirements, the 2014 set of standards enacted to bolster U.S. cyberresilience, and, on top of that, they’re dealing with the more recent Cybersecurity Maturity Model Certification (CMMC) requisite for doing business with the Defense Department.
Still, those sharing requirements combined with Biden’s proposed Cybersecurity Safety Review Board may try the long-established bounds of interagency collaboration, Kolochenko said.
How the requirements play out in real life will depend, in part, on the resources put behind them. “Hopefully, the upcoming regulations will be also underpinned by additional budget allocations and other resources required to build a resilient information security program at the federal level,” said Kolochenko.