US President Joe Biden, left, and Anthony Blinken, US Secretary of State, talk about the ceasefire agreement between Israel and Hamas, in the Cross Room of the White House in Washington, DC, US, on Wednesday, January 15, 2025. Israel and Hamas agreed to a ceasefire agreement The shooting led to at least a temporary halt to the war in Gaza that has killed tens of thousands of people over the past 15 months and sparked wider unrest across the Middle East.
Aaron Schwartz | siba | Bloomberg | Getty Images
The Biden administration on Thursday announced an executive order on cybersecurity that imposes new standards on companies that sell their products to the US government and calls for more disclosure from software providers.
The White House is looking to create new rules to “strengthen America’s digital foundations,” Anne Neuberger, deputy national security adviser for cybersecurity and emerging technology, said at a news conference on Wednesday.
Cyberattacks have caused an increasing number of disruptions within federal agencies and companies in recent years.
Attackers successfully carried out ransomware attacks on Change Healthcare, operator of the Colonial Pipeline and Ascension Healthcare System. and Microsoft It said in 2023 that Chinese attackers hacked the email accounts of US government officials, prompting a critical federal report and A series of changes At the software maker.
Companies that sell software to the US government will have to prove that their development practices are safe, according to a statement. Neuberger said there will be “guides that we publish on a government website for all software users to benefit from.”
The General Services Administration would have to develop a policy that makes cloud providers publish information to customers about how to operate securely.
Companies that sell products and services to the U.S. government must adhere to a new set of security practices as a result of the executive order.
Last week at the White House Announce US Cyber Trust Mark to help consumers evaluate internet-connected devices. The executive order stipulates that the US government will purchase such products only if they carry the mark, starting in 2027.
The order also directs the National Institute of Standards and Technology to come up with guidelines for handling software updates. In late 2020, hackers were able to access Microsoft and the US Department of Defense systems via… Targeting updates to SolarWindsOrion program.
It is not clear whether he is the president-elect Donald TrumpThe new administration will adhere to the executive order. Biden's cybersecurity officials have not met with those who will work for Trump.
“We haven't discussed that, but we're very happy, once the next cyber team is named, of course, we'll have any discussions during that final transition period,” Neuberger said.
