WASHINGTON — President Joe Biden signed an executive order Wednesday aimed at addressing the country’s vulnerability to cyberattacks.
The announcement comes as Colonial Pipeline, the country’s largest gas pipeline and a major supplier of fuel to the Southeast, said they restarted operations Wednesday after its pipeline remained largely closed for roughly six days following a ransomware attack by hackers last week.
The executive order also comes as the U.S. is still reeling from last year’s SolarWinds cyberattack — a widespread breach that tore into U.S. government agencies and dozens of corporations — as well as a recent attack by Chinese hackers that broke into federal networks.
The executive order requires IT service providers to share certain breach information with the government, modernizes and implements stronger cybersecurity standards in the federal government, establishes security standards for development of software sold to the government and will create an “energy star” label so that consumers can better determine whether software was developed securely.
The order establishes a cybersecurity safety review board co-chaired by representatives from the government and the private sector to analyze cyberattacks and make future recommendations, as well as creates a standardized playbook on how federal agencies should respond to a cyberattack. It also takes steps to better improve the government’s ability to detect malicious cyber activity on federal networks and requires federal department and agencies to log any cybersecurity events.
“Today’s executive orders makes a downpayment towards modernizing our cyber defenses and safeguarding many of the services on which we rely. It reflects a fundamental shift in our mindset from incident response to prevention,” said a senior administration official in a briefing call with reporters.
“This executive order is about taking the steps necessary to prevent cyber intrusions from happening in the first place and second, insuring we’re well positioned to respond rapidly to address incidents when they do occur,” the official added.
When asked about the Colonial Pipeline hack Wednesday afternoon, Biden said that it underscored the investment that needed to be made in boosting cybersecurity.
“I think what this shows is that we have to make a greater investment in education as it relates to being able to train and graduate more people proficient in cybersecurity,” Biden said.
Kevin Collier contributed.