President Joe Biden signed an executive order on Wednesday that aims to tighten up the country’s cybersecurity. The order comes as the country deals with the fallout of a ransomware attack on a major fuel supplier and other cybersecurity issues.
The executive order removes contractual barriers for the private sector and the government to share information and also requires multi-factor authentication and encryption in the federal government. The order also requires contractors who are hit with “severe cyber incidents” to report it within three days.
It also establishes baseline security standards for software that is sold to the government and establishes a Cybersecurity Safety Review Board that would convene after major cyberattacks and look at what happened and make recommendations on how to improve cybersecurity in the future.
The order was signed days after Colonial Pipeline was at the center of a ransomware attack. The attack forced the company to shut down operations for a period of time, resulting in fuel shortages on the East Coast. Other high-profile cybersecurity incidents include the Solar Winds hack and Microsoft Exchange vulnerabilities.
“This Executive Order makes a significant contribution toward modernizing cybersecurity defenses by protecting federal networks, improving information-sharing between the U.S. government and the private sector on cyber issues, and strengthening the United States’ ability to respond to incidents when they occur,” the White House said in a fact sheet about the executive order.
The White House said the Colonial Pipeline attack “is a reminder that federal action alone is not enough.”
On Thursday, Colonial Pipeline said it has “made substantial progress in safely restarting our pipeline system” and that “product delivery has commenced in a majority of the markets we service.”