Mark Lantern, a former member of the U.S. Secret Service Electronic Crimes Taskforce, provides an overview of President Biden’s Executive Order on Improving the Nation’s Cybersecurity.
The Biden order stresses the need for standardization at numerous levels, including contractual requirements for third-party vendors, policies and procedures for cloud technology, and guidelines for enhancing software assessment and supply chain security. Standardization is a cornerstone of any strong cybersecurity program. In previous articles, I’ve discussed the often disjointed nature of organizational knowledge and procedures, especially in regard to new circumstances that affect security posture, such as cloud migrations and third-party vendor relationships. Standardization allows for better communication, response, and reporting capabilities, especially when faced with a large-scale breach. The order also emphasizes addressing weaknesses in software supply chain security and standardizing software testing and assessment requirements, a proactive measure in mitigating cyber risk.
Open standards and communication alignment—the peanut butter and jelly of a win-win sandwich.