Difference between revisions of "Executive Order on Cybersecurity"

From MgmtWiki
Jump to: navigation, search
(Problem)
(Buzz Word Bingo)
Line 15: Line 15:
 
*Zero trust architecture as defined by NIST
 
*Zero trust architecture as defined by NIST
 
*Software as a Service SaaS (aka Cloud Technology)
 
*Software as a Service SaaS (aka Cloud Technology)
 +
* Cloud-service governance framework (a range of services and protections available to agencies based on incident severity.
  
 
==References==
 
==References==
  
 
[[Category: Vulnerability]]
 
[[Category: Vulnerability]]

Revision as of 21:38, 12 May 2021

Full Title or Meme

Executive Order on Improving the Nation’s Cybersecurity from Joseph Biden on 2021-05-12

Context

  • Issued days after the Colonial Pipeline carrying 45% of the East Coast's fuel was shut down after a ransomware attack compromised their computer systems which threatened the security of the pipeline.

Problem

"The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy.."

  • The US has been treating cybersecurity as an offensive weapon and not addressing defense of the country, only of the military assets.
  • In this order and in previous reports from the government, it is stated that barriers exist to sharing information. But they never admit that the federal government will not share threats that they find in software with the manufactures of that software.
  • The order continues to push the problem that they have created by building offensive cryber weapons on the private section which is now being attacked by the very weapons that the US government has created or discovered.

Buzz Word Bingo

  • Zero trust architecture as defined by NIST
  • Software as a Service SaaS (aka Cloud Technology)
  • Cloud-service governance framework (a range of services and protections available to agencies based on incident severity.

References