June 13, 2021

Volume XI, Number 164

Advertisement

June 11, 2021

Subscribe to Latest Legal News and Analysis

New Executive Order Takes Aim at Improving Cybersecurity

On May 12, 2021, President Biden signed an Executive Order on Improving the Nation’s Cybersecurity. The Order outlines a number of initiatives intended to improve cybersecurity in the U.S. and protect federal government networks, including:

  • Removing barriers to information sharing between the government and private sector, such as contractual obligations that otherwise would prohibit IT service providers from sharing certain breach information;

  • Modernizing and implementing stronger cybersecurity standards in the federal government, for example, by mandating the deployment of multi-factor authentication and encryption;

  • Improving software supply chain security by establishing baseline security standards for the development of software sold to the government and requiring developers to make security data publicly available;

  • Establishing a Cybersecurity Safety Review Board (to be co-chaired by government and private sector leads) that may convene following a significant cyber incident to analyze what happened and make concrete recommendations for improving cybersecurity;

  • Creating a standard playbook for responding to cyber incidents to ensure all federal agencies are prepared to take uniform steps to identify and mitigate a threat; and

  • Improving the detection of cybersecurity incidents on federal government networks by enabling a government-wide endpoint detection and response system and improved information sharing within the federal government; and

  • Improving investigative and remediation capabilities by creating robust cybersecurity event log requirements for federal departments and agencies.

Recognizing that much of the critical infrastructure in the U.S. is owned and operated by the private sector, a White House statement encourages private sector companies to “follow the Federal government’s lead and take ambitious measures to augment and align cybersecurity investments with the goal of minimizing future incidents.”

Copyright © 2021, Hunton Andrews Kurth LLP. All Rights Reserved.National Law Review, Volume XI, Number 133
Advertisement
Advertisement
Advertisement

TRENDING LEGAL ANALYSIS

Advertisement
Advertisement
Advertisement

About this Author

In today’s digital economy, companies face unprecedented challenges in managing privacy and cybersecurity risks associated with the collection, use and disclosure of personal information about their customers and employees. The complex framework of global legal requirements impacting the collection, use and disclosure of personal information makes it imperative that modern businesses have a sophisticated understanding of the issues if they want to effectively compete in today’s economy.

Hunton Andrews Kurth LLP’s privacy and cybersecurity practice helps companies manage data and...

212 309 1223 direct
Advertisement
Advertisement