Biden’s Cyber Executive Order: Go Modern, Go Zero Trust


On May 12, the Biden administration signed an executive order that unveiled a whole new approach to cybersecurity. For the first time, Zero Trust was named as a security requirement that all federal agencies need to adopt and work by.

Here are some of the highlights that pertain to Zero Trust and segmentation vendors:

Cybersecurity is a top national priority for the US government

The tone is set at the beginning: “It is the policy of my Administration that the prevention, detection, assessment, and remediation of cyber incidents is a top priority and essential to national and economic security.”

Go Modern, Go Zero Trust

 “To keep pace with today’s dynamic and increasingly sophisticated cyber threat environment, the Federal Government must take decisive steps to modernize its approach to cybersecurity…The Federal Government must adopt security best practices; advance toward Zero Trust Architecture; accelerate movement to secure cloud services…and invest in both technology and personnel to match these modernization goals.”

The order then goes on to state that within 60 days, the head of each federal agency must develop a plan to implement a Zero Trust architecture within their organization.

The order refers to both IT and OT

“The scope of protection and security must include systems that process data (information technology (IT)) and those that run the vital machinery that ensures our safety (operational technology (OT)).”

Moving from detection and prevention to assuming breach

Zero Trust is a significant departure from the traditional network security models. “The Zero Trust Architecture security model assumes that a breach is inevitable or has likely already occurred, so it constantly limits access to only what is needed and looks for anomalous or malicious activity.”  

Gone are the days of relying on perimeter-based legacy firewalls to prevent breaches. The need to handle the growing complexity of workloads moving across data center and cloud environments, coupled with massive ransomware attacks, has exposed the inadequacy of traditional security models.

Cloud is the platform of choice and must also be built on Zero Trust

The need to move to the cloud is stated throughout the entire order. Here’s one example: “The CISA shall modernize its current cybersecurity programs, services, and capabilities to be fully functional with cloud-computing environments with Zero Trust Architecture.”

Migration to the cloud has to be based on the principles of Zero Trust to allow smooth migration of workloads across platforms and least privilege user access. 

Critical software such as software supply chain must adopt Zero Trust and segmentation

Agency heads must apply practices of least privilege, network segmentation, and proper configuration within the next 60 days.
Attacks of ‘pandemic’ proportions such as SolarWinds, Microsoft Exchange, and most recently Colonial Pipeline may not be as easy to launch once the least privilege approach is adopted.

‘Significant’ incidents will be investigated by a new board

The Department of Homeland Security was instructed to create a Cyber Safety Review Board to investigate and debrief “significant cyber incidents.”

This means that perhaps the next time a company pays a ransom, such as the 5 million dollar payment made by Colonial Pipeline to the DarkSide hacking group, the payments will be made in the open, giving the public better exposure to the scale of the ransomware problem.

Need help with Zero Trust?

We’ve been practising these principles for years and helped companies of all sizes secure their business-critical applications and migrate to the cloud based on Zero Trust segmentation. Talk to us!
