USA requires improvements to cyber-security
Following the Solarwinds hack and ransomware attack on Colonial Pipeline, US President Joe Biden has signed an Executive Order to improve US cyber-defences in light of recent attacks.
There will now be detailed requirements for all government departments to tighten security in a defined timeframe.
Colonial operates a 5,000 mile (8,000km) pipeline that supplies 45% of the petrol and jet-fuel needs of the east coast of the US. It is critical national infrastructure.
The executive order requires all government departments to:
- Adopt MFA (multi-factor identification) log-in systems within 180 days
- Accelerate moves to “cloud” and “zero trust” frameworks
- Designate which “unclassified data” is too sensitive to be kept in normal networks storage
- Conduct more thorough reviews of critical-software suppliers
It also strongly encourages private cyber-security companies to improve their own defences and be more transparent about when they themselves are attacked. Cyber-security vendors will have to report intrusions within 72 hours of discovery.
Expect similar requirements to become the norm for all critical national infrastructure.
i2O already offers a cloud-based service from security-screened employees with data encrypted at rest and in transit, to which access is protected by MFA, with ISO27001 certification since June 2018 – intelligent network solutions and peace of mind.