바이든, 소프트웨어에 대한 정부 차원의 2FA, 에너지 스타형 라벨 요구 | 바이든 행정부는 야심찬 사이버 보안 행정명령을 발표했습니다.

newsroom 5/15 '21 posted 뉴스 IT

• 대형 교통사고가 발생한 경우 국가교통안전위원회(NTSB)처럼 중대한 사이버보안 사고 이후 소집되는 정부 및 민간 전문가로 구성된 사이버보안 안전심의위원회를 설치합니다.

• "기관 수준에서 EO는 정부에 판매된 소프트웨어 개발, 사이버 공격에 대응하는 방법을 위한 플레이북 개발, 공격 감지 개선 및 CISA가 주도하는 기관 간 정보 공유 개선을 위한 기본 보안 표준도 요구합니다.

• 고위 관리 책임자에 따르면, "이번 행정명령은 사고 대응에서 예방, 보안에 대한 논의에서 보안 수행으로 이어지는 사고 방식의 근본적인 변화를 반영한다"며, 공격적이지만 달성 가능한 목표를 설정해 연방 정부를 사이버 보안의 리더로 만들고 소프트웨어 보안 및 사고 대응을 개선해야 한다고 한다"고 합니다.

• 정부 전반의 엔드포인트 감지 및 대응(EDR) 시스템과 연방 정부 내의 정보 공유를 개선함으로써 연방 정부 네트워크에서 사이버 보안 사고 탐지를 개선합니다.

• 콜로니얼 파이프라인은 수요일 저녁 바이든 대통령이 이와 같은 미래의 사건이나 솔라윈즈 해킹이나 최근의 Exchange 서버 접수를 막기 위한 행정명령에 서명했다고 발표했습니다.

Biden Calls for Government-Wide 2FA, Energy Star-Type Labels for Software [www.pcmag.com]

Biden administration releases ambitious cybersecurity executive order [www.csoonline.com]

The Morning After - Engadget [www.engadget.com]

President Joe Biden signs executive order to strengthen U.S. cybersecurity defenses [www.neowin.net]

Biden's executive order faces challenges trying to beef up US cybersecurity [www.techrepublic.com]

Colonial Pipeline hack 'wakeup call' on U.S. cyber vulnerability: Buttigieg [www.cnbc.com]

newest replies popular replies

Open Wiki - Feel free to edit it. -

5/15 '21 answered

The Colonial Pipeline attack is a sobering reminder that, in the 21st century, malicious hackers can reach across continents to target our critical infrastructure.

We have a lot of work ahead to bolster America's cyber-defenses, but this is a good step. https://t.co/tiW1oondlc
— Michael Bennet (@SenatorBennet) May 13, 2021

If I’m reading section 7 of this right it looks like the USG is partly doing this, a central EDR at least which will be a major good thing (and potentially highlight a ton of unknown breaches). https://t.co/5TFwfLuAfd
— Kevin Beaumont (@GossiTheDog) May 13, 2021

The Colonial Pipeline incident is a sobering reminder that our nation faces sophisticated cyber threats.

Today, President Biden signed an executive order to chart a new course to improve the nation's cybersecurity and protect federal government networks. https://t.co/j9wyCKdwj0 pic.twitter.com/bJxVYf2D72
— The White House (@WhiteHouse) May 13, 2021

JUST IN: @POTUS Biden signs long-awaited executive order on cybersecurity designed to protect federal networks, improve information-sharing between the government and private sector on cyber issues, and strengthen the U.S. ability to respond to cyber incidents as they occur
— Ed O'Keefe (@edokeefe) May 12, 2021

.@POTUS signed an executive order today stating that agencies should “participating in a vulnerability disclosure program that includes a reporting and disclosure process.” This will be the path to more gov bug bounties and @Hacker0x01 is here to serve! https://t.co/21KzB9aY4Y
— Jobert Abma (@jobertabma) May 13, 2021

Unpopular Opinion (?): Biden can do more for cybersecurity by legalizing marijuana than these executive orders.
— Damian (@decryptlyfe) May 13, 2021

The Administration's new Cybersecurity Executive Order lays out an ambitious & achievable workplan to dramatically improve the security of US govt networks by using the power of the purse. Kudos to the team for pulling this together. https://t.co/aFMuD3vdEX
— Chris Krebs (@C_C_Krebs) May 12, 2021

Recent cybersecurity incidents such as the #ColonialPipelineHack are a stark reminder that the U.S. faces increased threats from cyber criminals, reports NPR: https://t.co/Vk53FovBpo

Take cybersecurity into your own hands using the NOVA Cybersecurity Lab: https://t.co/G195wCXF3I pic.twitter.com/NLhLCPydxH
— NOVA Labs (@theNOVALabs) May 13, 2021

If you leave a VPN appliance unpatched for a few years, you may encounter a sophisticated cyber threat. https://t.co/aHWCwqn2jB
— thaddeus e. grugq (@thegrugq) May 13, 2021

A White House official said President Biden's executive order on cybersecurity "reflects a fundamental shift in our mindset from incident response to prevention, from talking about security to doing security." https://t.co/qqjEsxA1SQ
— NPR Politics (@nprpolitics) May 13, 2021

This executive order is a good first step, but executive orders can only go so far. Congress will have to step up & do more to address our cyber vulnerabilities, & I look forward to working with the administration & my colleagues on both sides of the aisle to close those gaps. https://t.co/O8w1Ts9ddg
— Mark Warner (@MarkWarner) May 13, 2021

Kennan Director @MatthewRojansky spoke with @NPR's @FrancoOrdonez about the importance of setting rules of engagement with Russia when it comes to #cyber and #armscontrol issues.

READ the piece ? https://t.co/QQmIZCPryh
— Kennan Institute (@kennaninstitute) May 13, 2021

President Biden signed an executive order to boost America's cyber defenses.

It requires companies to report breaches, updates federal network standards and establishes a board to review cyber incidents. https://t.co/NNVQ68Nr1M
— NPR Politics (@nprpolitics) May 13, 2021

Cybersecurity is a foundational element of our national security priorities.

This is a good first step, but we need to continue to harden our public and private cyber resiliency and aggressively prosecute the use of criminal ransomware.https://t.co/ym3vdmuE8e
— Chris Murphy (@ChrisMurphyCT) May 13, 2021

Colonial Pipeline hack was 'wakeup call' on U.S. cyber vulnerability, Buttigieg says

https://t.co/73l1LTRRZ9
— Mike Walker (@New_Narrative) May 13, 2021

Colonial Pipeline hack was 'wakeup call' on U.S. cyber vulnerability, Buttigieg says https://t.co/4EV5FqfT9R
— CNBC (@CNBC) May 13, 2021

permanent link

Reply with curations

Related

Featured