USA requires improvements to cyber-security

Following the Solarwinds hack and ransomware attack on Colonial Pipeline, US President Joe Biden has signed an Executive Order to improve US cyber-defences in light of recent attacks.

There will now be detailed requirements for all government departments to tighten security in a defined timeframe.

Colonial operates a 5,000 mile (8,000km) pipeline that supplies 45% of the petrol and jet-fuel needs of the east coast of the US.  It is critical national infrastructure.

The executive order requires all government departments to:

  • Adopt MFA (multi-factor identification) log-in systems within 180 days
  • Accelerate moves to “cloud” and “zero trust” frameworks
  • Designate which “unclassified data” is too sensitive to be kept in normal networks storage
  • Conduct more thorough reviews of critical-software suppliers

It also strongly encourages private cyber-security companies to improve their own defences and be more transparent about when they themselves are attacked.  Cyber-security vendors will have to report intrusions within 72 hours of discovery.

Expect similar requirements to become the norm for all critical national infrastructure.

i2O already offers a cloud-based service from security-screened employees with data encrypted at rest and in transit, to which access is protected by MFA, with ISO27001 certification since June 2018 – intelligent network solutions and peace of mind.