U.S. President Joe Biden (L) and U.S. Secretary of State Antony Blinken speak on the ceasefire agreement between Israel and Hamas in the Cross Room of the White House in Washington, DC, U.S., Wednesday, January 15, 2025. The ceasefire agreement at least temporarily halts the war in Gaza that has killed tens of thousands of people over the past 15 months and sparked wider unrest across the Middle East.
Aaron Schwartz | Sipa | Bloomberg | Getty Images
The Biden administration on Thursday announced an executive order on cybersecurity that sets new standards for companies that sell products to the U.S. government and requires more disclosures from software vendors.
Anne Newberg, deputy national security adviser for cybersecurity and emerging technologies, said at a briefing with reporters on Wednesday that the White House is seeking to develop new rules “to strengthen America’s digital foundation.”
In recent years, cyberattacks have caused increasing disruption within federal agencies and companies.
Attackers carried out ransomware attacks against Change Healthcare, the operator of Colonial Pipeline and Ascension Healthcare Systems. and Microsoft 2023 said Chinese attackers broke into the email accounts of U.S. government officials, triggering a major federal report and prompting a series of changes at the software maker.
Companies that sell software to the U.S. government must demonstrate that their development practices are safe, a statement said. “We will publish the evidence on a government website so that all users of the software can benefit,” Newberg said.
The General Services Administration must establish policies that enable cloud providers to provide customers with information on how to operate securely.
Under the executive order, companies selling products and services to the U.S. government must adhere to a new set of security practices.
White House last week declare The U.S. Internet Trustmark label helps consumers evaluate connected devices. The executive order stipulates that starting in 2027, the U.S. government will only purchase such products bearing this label.
The order also directs the National Institute of Standards and Technology to develop guidelines for handling software updates. In late 2020, hackers gained access to Microsoft and U.S. Department of Defense systems through updates targeting: solar wind‘Orion Software.
It’s unclear whether President-elect Donald Trump’s new administration will uphold the executive order. Biden’s cybersecurity officials have yet to meet with those who will take over the job for Trump.
“We haven’t had discussions yet, but we’re excited about that, and of course we’ll have any discussions during the final transition period once the new network team is appointed,” Newberg said.
watch: gentlemen. CISA Director Chris Krebs talks about cyber threats: Offensive cyber activities are expected to increase
About The Author
