- The White House issued an executive order to improve the country’s cybersecurity.
- The order comes as a result of the recent cyber attack on the colonial pipeline.
- Governments must play an important role in defining and ensuring cybersecurity.
The recent Colonial Pipeline cyber attack was an unfortunate reminder of the danger of cyberattacks on a nation’s economy.
Since the ransomware attack, the pipeline, which carries nearly half of the supply of diesel, gasoline and fuel to the east coast, has been mostly offline, leading to rising gasoline prices to highest levels since 2014. The pipeline has paid a $ 5 million ransom in bitcoin for hackers.
Days later, the U.S. issued an executive order setting out a plan to improve the country’s cybersecurity. It is a welcome action and could offer a way forward to prevent similar attacks in the future.
Why should governments act on cybersecurity?
Cybersecurity challenges are systemic and require both the public and private sectors to work closely to achieve strong cyber resilience.
National governments around the world are one of the largest buyers of technology solutions and investors in innovation thanks to their R&D grants. Governments play an important role in defining the basis of cybersecurity in products, including software and hardware, which they buy or acquire.
By ensuring due diligence in cybersecurity in innovation, development, and technology acquisition, governments can increase the overall health of their technology and the long-term success of their suppliers.
The U.S. executive order is an important step because it will lay the groundwork for collaborative efforts between the public and private sectors that should ultimately be scaled beyond national borders.
The focus on improving software supply chain security is especially key. The government says it will pilot new programs, such as security labeling software.
The order also includes much-needed support for transparency and accountability in the digital supply chain, as it requires important disclosures, such as a list of software materials, to help government buyers understand where it comes from. your code and who wrote it.
The executive order also says the U.S. will promote more durable technology and improve overall cyber resilience. It includes the principle of “Zero Trust Architecture”, which is designed to protect modern digital environments by leveraging network segmentation, preventing lateral movement, providing layer 7 threat prevention, and simplifying granular access control to the user.
This is encouraging because it suggests that the government raises cybersecurity to a strategic level when it comes to developing new technologies and building cybersecurity programs between the public and private sectors.
There is hope that this executive order will bring the attention of private sector executives to cybersecurity issues and inspire action.
Cybersecurity is a team sport and success depends on the contributions of all the players in the ecosystem. The complex challenges of ensuring trust and security in today’s digital reality, such as supply chain security, cybercrime, privacy and many others, can only be solved through public-private cooperation globally.