President Joe Biden issued an executive order on Thursday focusing on cybercrime, federal cybersecurity, and securing commercial software. The order, crafted after a seven-month review of major cyber incidents over the last four years, aims to strengthen America’s digital foundations and protect its citizens.
Anne Neuberger, deputy national security adviser for cyber, emphasized the goal of making it costlier and more challenging for China, Russia, Iran, and ransomware criminals to hack. The order is divided into nine major issues, including making software more secure, combating cybercrime, promoting security in artificial intelligence, reducing government cybersecurity bureaucracy, and defending against threats to space systems.
One significant aspect of the executive order is leveraging the U.S. government’s $100 billion annual IT procurement to compel companies to produce secure products, implement artificial intelligence widely, and adopt post-quantum technology. It also enhances federal agencies’ ability to protect government systems and target ransomware gangs more effectively.
The order mandates software suppliers to prove secure development practices when creating products for the federal government, with validation results made public for broader customer awareness. It also requires agencies to simplify cybersecurity requirements for federal information systems and implement phishing-resistant authentication technologies, among other cybersecurity measures.
In terms of identity protection, the executive order seeks to establish privacy-preserving digital identity infrastructures to combat identity fraud and cybercrime. An early-warning fraud tool pilot program will be launched to alert Americans of potential fraudulent claims. Additionally, it aims to improve government programs’ cybersecurity to prevent vulnerabilities that hackers can exploit.
The government also plans to enhance space system cybersecurity through new contract requirements and inventory space ground systems to recommend cyberdefense improvements. The executive order prioritizes public-private partnerships to deploy artificial intelligence for critical infrastructure cyberdefense and supports research into AI-based cybersecurity tools for vulnerability discovery and threat detection.
The order underscores the Biden administration’s commitment to cybersecurity, following multiple headline-grabbing cyber incidents. Neuberger highlighted the importance of learning from past attacks to strengthen digital infrastructure and enhance the country’s ability to use sanctions against malicious cyber actors.
Overall, the executive order reflects a comprehensive approach to cybersecurity, aiming to protect critical infrastructure, secure digital foundations, and thwart cyber threats effectively. With a focus on collaboration between government and private sectors, the order sets a strategic path for bolstering national cybersecurity measures and safeguarding American citizens online.