On May 12, 2021, the White House issued an Executive Order (EO) on cybersecurity titled, 加强国家网络安全y.
The EO claims to make a significant contribution towards modernizing cybersecurity defenses by protecting federal networks, improving information-sharing between the government 和 private sector 和 strengthening the nation’s ability to respond to incidents. 受几起备受关注的网络事件的影响,包括 殖民地的管道 和 SolarWinds,《bet9游戏平台》的目标是推行多项网络措施,包括:
Remove Barriers to Threat Information Sharing Between 政府 和 the Private Sector.
The EO ensures that IT Service Providers are able to share information with the government 和 requires them to share certain breach information.
Modernize 和 Implement Stronger 网络安全 St和ards in the Federal 政府.
The EO helps move the Federal government to secure cloud services 和 a zero-trust architecture, 和 m和ates deployment of multifactor authentication 和 encryption with a specific time period.
提高软件供应链安全.
The EO will improve the security of software by establishing baseline security st和ards for development of software sold to the government, including requiring developers to maintain greater visibility into their software 和 making security data publicly available.
建立网络安全审查委员会.
行政长官设立网络安全审查委员会, co-chaired by government 和 private sector leads that may convene following a significant cyber incident to analyze what happened 和 make concrete recommendations for improving cybersecurity.
创建应对网络事件的标准剧本.
The EO creates a st和ardized playbook 和 set of definitions for cyber incident response by federal departments 和 agencies. The playbook will ensure all Federal agencies meet a certain threshold 和 are prepared to take uniform steps to identify 和 mitigate a threat. The playbook will also provide the private sector with a template for its response efforts.
Improve Detection of 网络安全 Incidents on Federal 政府 Networks.
The EO improves the ability to detect malicious cyber activity on federal networks by enabling a government-wide endpoint detection 和 response system 和 improved information sharing within the Federal government. 联邦政府应该在网络安全方面发挥领导作用, 和强大的, 政府-wide Endpoint Detection 和 Response (EDR) deployment coupled with robust intra-governmental information sharing are essential.
提高调查和补救能力.
The EO creates cybersecurity event log requirements for federal departments 和 agencies. 糟糕的日志记录会妨碍组织检测入侵的能力, 减轻正在进行的工作, 并在事后判断事件的严重程度.
While the consensus is that the intentions of the EO is in the right place, industry experts debate if good intentions will have an immediate impact on the rampant cybersecurity attacks impacting the federal 和 private sectors. 重要的是要记住,行政长官不是法规, rather formal documentation of policy directives 和 expressions of a president’s opinion – 和 without congress’s support, 对私营机构没有强制执行力.
白宫资源
- 关于改善国家网络安全的行政命令
- FACT SHEET: President Signs Executive Order Charting New Course to Improve the Nation’s 网络安全 和 Protect Federal 政府 Networks
关于施耐德唐斯网络安全
The bet9游戏平台 cybersecurity practice consists of experts offering a comprehensive set of information technology security services, 包括渗透测试, 入侵防御/检测审查, ransomware安全, vulnerability assessments 和 a robust digital forensics 和 incident response team. 欲了解更多信息,请访问 tq6o.mogrenlandscape.com/cybersecurity 或bet9平台游戏的团队 cybersecurity@mogrenlandscape.com.
此外,我们的 数字取证和事件响应 teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.