In response to recent major cyber events, including the SolarWinds supply chain attack and the Colonial Pipeline ransomware attack, the Biden Administration issued an Executive Order “to improve the nation’s cybersecurity and protect federal government networks.”
According to the White House, the Executive Order “makes a significant contribution toward modernizing cybersecurity defenses by protecting federal networks, improving information-sharing between the U.S. government and the private sector on cyber issues, and strengthening the United States’ ability to respond to incidents when they occur.”
We’re here to dissect the Executive Order and break down the specific areas of improvement it’s addressing, how your enterprise may be affected, and what you can do to help ensure these improvements come to life within our nation’s cyber landscape.
Major Areas of Improvement for the Federal Government
Although best practices and standards already exist to help users navigate the cyber realm safely, the Executive Order outlines seven major areas of improvement that set the cybersecurity priorities and agenda for the federal government and help elevate the nation’s overall security posture. These seven areas are:
- Remove barriers to threat information sharing between the government and the private sector.
- Modernize and implement stronger cybersecurity standards in the federal government.
- Improve software supply chain security.
- Establish a Cybersecurity Safety Review Board.
- Create a standard playbook for responding to cyber incidents.
- Improve detection of cybersecurity incidents on Federal Government Networks.
- Improve investigative and remediation capabilities.
Three Ways You Can Help Improve the Nation’s Cybersecurity
To add to these efforts, there are three major ways that you can directly contribute to improving the nation’s cybersecurity, consistent with the Biden Administration’s goals in the Executive Order:
- Modernize and implement stronger cybersecurity standards by enabling suppliers to insert security controls into critical software at build time (Section 4 (a)). NIST SP 800-53 Revision 5 now identifies RASP (runtime application self-protection) as a key control for protecting software. RunSafe Security enables your software development team to incorporate runtime protections into your software at build time without slowing them down. This approach protects software from both known and unknown vulnerabilities that scanning tools miss. All suppliers should incorporate this protection into the embedded software they ship to the U.S. Government, if not to all customers across critical infrastructure. See Alkemist:Code for more information.
- Improve software supply chain security by providing pre-hardened open source software packages with a complete software bill of materials (Section 4 (e) vii). North Carolina State University conducted a study showing that leading scanning tools failed to detect 97.5% of memory-based vulnerabilities in the Linux operating system over a ten-year period. At RunSafe, we build from source and harden the most common open source packages (Apache, NGINX, MySQL, PostgreSQL, Redis, the Python interpreter, the Java interpreter, and many more) against known and unknown vulnerabilities. Given the Executive Order, we are committed to including a complete software bill of materials as part of each package we deliver. See Alkemist:Repo for more information.
- Improve detection of cybersecurity events by monitoring software crashes (Section 4 (e) 1(F)). Most monitoring tools focus on anomaly and behavior detection that relies on network events and data. At RunSafe, we focus on collecting and analyzing software crashes at the source (and time) of the crash, and then classifying each crash as a “bug” or an “attack.” This crash data gives an organization indicators of instability, unreliability, and vulnerability that scanning tools miss, and often highlights the holes that nation-state and other sophisticated attackers will exploit. In the case of an attack, RunSafe pre-packages the incident data and routes it according to the required standards, allowing an organization to comply with the goals of the Executive Order. See Alkemist:Flare for more information.
The Role of RunSafe’s Technology
Our products fit across your software development lifecycle. For teams using CI/CD, they deploy easily within your DevSecOps pipeline to provide runtime protection and monitoring.
Ready to Engage and Protect
At RunSafe Security, we embrace the need to improve the nation’s cybersecurity. Whether you are a provider of critical infrastructure, a supplier to the U.S. Government, or a government agency, we are available to collaborate with you to meet the requirements of the Executive Order. Our mission is to disrupt hacker economics by shifting the advantage back to the defender. Join us today.