/18 May 2021

How the New Cybersecurity Executive Order May Impact Your Business

Last week, The President issued an Executive Order (EO) on Cybersecurity to improve the United States’ cybersecurity infrastructure and protect federal government networks. Though most of the order focuses on government agencies, it will have a profound and lasting impact on how both the government and the private sector approach cyber issues moving forward.

Here’s what you should know.

How does the new EO impact the private sector?

The new EO comes at the heels of the biggest known cyberattack on U.S. energy infrastructure. The ransomware attack on the Colonial Pipeline, a private entity that serves the general public, comes as a reminder that the government alone cannot provide cybersecurity protection for the country.

One of the biggest impacts to the private sector is the section around supply chain security. Given that many software programs today lack transparency and are vulnerable to cyberattacks, the government will establish baseline security standards for the private sector to develop software sold to the government. This includes requiring software developers to offer greater visibility into their products’ security, testing methods, vulnerabilities, and more.

Since the same products designed for the government often end up in the hands of businesses, we should see increased demand from the private sector for the same attention to the security required by the government. In fact, a statement by the White House says, “We encourage private sector companies to follow the Federal Government’s lead and take ambitious measures to augment and align cybersecurity investments with the goal of minimizing future incidents.”

Details of the 2021 Cybersecurity Executive Order

The new roadmap for the nation’s cyber defense includes seven sections aimed at strengthening the United States’ ability to respond to incidents quickly when they occur. From requiring a zero-trust model among government agencies to encouraging information sharing between the government and private sector, we will be seeing sweeping changes in federal security practices over the next year.

According to the White House, the EO President Biden signed last Thursday will:

  • Remove barriers to threat information sharing between government and the private sector
  • Modernize and implement more robust cybersecurity standards in the federal government
  • Improve software supply chain security
  • Establish a cybersecurity safety review board
  • Create a standard playbook for responding to cyber incidents
  • Improve detection of cybersecurity incidents on federal government networks
  • Improve investigative and remediation capabilities

We recommend reading the Executive Order Fact Sheet and paying special attention to section 4 to enhance software supply chain security.

How 10Pearls can help

At 10Pearls, cybersecurity is not an afterthought. We have a deep focus on security and integrate it throughout the lifecycle of digital product development. From round-the-clock security operations services to integrated DevSecOps pipelines and deep experience with quality assurance and testing, we deliver the highest level of protection for your product without delaying deployment.

10Pearls is also a signatory of the Cybersecurity Tech Accord, whose mission is to promote a safer online world by fostering collaboration among global technology companies committed to helping customers and users defend against malicious threats.

To learn more about how we help increase software security assurance and keep your business secure, visit: https://10pearls.com/continuous-security/