Ivanti Federal CTO's Take on the Cybersecurity Executive Order
Ivanti Federal CTO, Bill Harrod, shares his take on the recent cybersecurity Executive Order issued by President Biden:
I applaud the Biden administration’s work on developing and releasing the Executive Order (EO) with mandates for improved threat and attack information sharing, focus on endpoint detection, acknowledging the risk of unchecked and unknown devices especially those sensors and actuators that are part of the Internet of Things. In addition, hopefully the Technology Modernization Fund (TMF) will aid agencies in making the improvements needed to upgrade technologies and software with a focus on the security of the network, enforcing strong, multi-factor authentication, implementing zero trust architectures, endpoint detection of new and untrusted devices, and taking the proactive approach to cybersecurity outlined in the EO.
In many ways, this is not terribly new, rather it is an acknowledgement that we have not been enforcing basic hygiene as we have built and expanded access to our applications and data. I can envision a time when a device connecting to an enterprise network will be automatically detected – even for an IoT or mobile device – queried for compliance with a baseline of cybersecurity standards, and quarantined if not compliant. In addition, to being “sandboxed,” the network can implement actions for automated remediation, and monitoring across the network will detect, remediate, and “self-heal” any device, solution, or technology that falls out of compliance.
The government started down this path years ago with the implementation of the Continuous Diagnostics and Mitigation (CDM) program. A program where the basics are focused on who is on my network, what devices are on my network, what activity is on my network, and how is data protected.
There will be significant challenges in implementing the EO. Timely information sharing has always carried an additional risk and stigma for companies that have been attacked and sharing the attack intelligence highlights the company’s vulnerabilities. Sharing vulnerability scans has long been a part of the regular cadence for companies that operate a FedRAMP cloud, but how many agency CIOs actually receive any information about those monthly reports? And today, the government’s enterprise network is everywhere, from the mobile device carried by top level officials, to the employees working from home, to the IoT devices being used for automation and process improvements.
Again, I applaud the Biden administration’s EO and look forward to being able to help define the details that will make for a strong and effective implementation.