How Microsoft Helps Map the Executive Order Cybersecurity Milestones
President Biden's administration issued the national cybersecurity Executive Order (EO) against the backdrop of various high-profile cyberattacks. The EO outlines ambitious initiatives and aggressive timelines focused on enhancing cybersecurity across federal agencies and their suppliers. It also aims to shape cyber practices across the broader economy, focusing on secure software development, data sharing, and incident response.
According to the cybersecurity EO, July 11 is the first key deadline for every federal civilian agency to submit updated strategies for cloud technology deployment and implementation of the Zero Trust Architecture. To ensure organizations and federal agencies meet the immediate need and fast-track their journey towards Zero Trust and secure cloud, Microsoft has mapped the various milestones covered by the EO.
Key Elements of the Cybersecurity Executive Order
The EO outlines various practices focused on enhancing the national cybersecurity posture. These will primarily affect agencies in the Federal Government and organizations that transact with them. However, some of the requirements will affect certain federal contractors while also influencing the private sector.
Here are the primary directives of the EO:
- Elimination of contractual barriers between federal agencies and service providers – The EO aims to increase information sharing about cyber risks, incidents, and threats between the Federal Government and its operational technology and information technology service providers. The move seeks to accelerate cyber incident prevention, deterrence, and response efforts and achieve effective defenses of government data and systems. Part of this effort requires evaluating the FAR (Federal Acquisition Regulation) concerning contracts with the providers.
- Modernized cybersecurity approaches – The EO seeks to achieve this by outlining steps like implementing security best practices, migrating to secure cloud services, adopting the Zero Trust Architecture, and streamlining and centralizing access to cybersecurity information to facilitate identification and management of security risks. The EO also requires companies to adopt data encryption and multi-factor authentication within 180 days of the EO date.
- A more secure software supply chain – The executive order points to low transparency during software development and to a shortage of adequate controls to prevent tampering by threat actors. It calls for guidance to strengthen the supply chain, including criteria, procedures, and standards such as securing development environments and attesting to conformity with the available secure software development practices.
- Creation of a cyber-safety review board – The EO requires establishing a safety review board that assesses and reviews specific cyber incidents targeting non-federal systems or FCEB (Federal Civilian Executive Branch) information systems, along with the associated threat activity, mitigation activities, vulnerabilities, and agency responses.
- Standardized incident response – Normally, organizations use different approaches to cyber threat detection, incident handling, and recovery. The EO now calls for a standardized procedure for handling cybersecurity incidents, with centralized and better-coordinated incident cataloging and tracking of progress towards a successful response.
- Enhanced cyber threat detection – The EO emphasizes improving the ability to spot malicious activity and anomalies within federal agencies’ networks. This is possible through comprehensive Endpoint Detection and Response and enhanced information sharing between federal agencies and their contractors.
- The Federal Government’s enhanced investigative and remediation capabilities – Biden’s administration acknowledges the importance of federal agencies and IT service providers collecting and maintaining system and network logs to address cyber incidents. As such, the executive order recommends which log types to maintain, how long agencies should retain them, how to secure the logs, and how long agencies have to implement the recommended security and logging requirements.
How Microsoft Is Mapping the Cybersecurity EO Milestones
The tech giant leverages insights from its move to the Zero Trust model and its vast experience working with federal agencies to provide concrete procedures that guide agencies in addressing the aggressive Executive Order timelines and enhance their baseline cybersecurity posture.
Here are the different milestones as mapped by the tech giant:
A Three-Phased Modernization Strategy
The tech giant uses a comprehensive, unique view of the cyber landscape to simplify the complicated aspects and unlock the Federal Government’s entire cyber capabilities. As such, they’ve designed prescriptive guidance for every step to activate the current abilities and enhance them using new technologies. This way, agencies can address complex cyberattacks more efficiently and with greater efficacy than ever before.
The first phase accelerates modernization by focusing on risk identification and monitoring. To get started, you must enable single sign-on to apps, establish conditional access for MFA enforcement, and register and provision your devices for dynamic asset inventory. The approach offers a solid foundation for the subsequent phases and addresses several requirements within the EO.
The second phase uses the monitoring insights from phase one to deploy risk-prioritized activities. Adding a risk-based, dynamic context evaluation to system authorization is possible through a consistent, straightforward, centralized policy in Azure AD Conditional Access. Leveraging cloud-native SIEM (security information and event management) and SOAR (security orchestration, automation, and response) solutions can offer more insights through anomaly detection. Performing your remote administration via Azure Virtual Desktop and segmenting privilege using cloud-focused administrator accounts can substantially reduce risk.
The third phase focuses on enhancing protection, achievable by implementing BYOD mobile device management enrollment at the authorization level. This brings various non-enterprise devices under management, so that agencies can proactively manage patches, policies, updates, device health monitoring, and endpoint detection and response for additional control and telemetry.
Demystifying The Zero Trust Journey Using Five Reference Architectures
Achieving the proper Zero Trust maturity may seem daunting at first. Still, most agencies are ready to work with the three-phase approach and reach the next milestone by simply activating and fine-tuning their existing capabilities.
On this note, Microsoft has come up with the five most impactful scenarios that organizations can build towards throughout the three modernization phases. These include:
- Cloud-ready authentication apps
- Web apps with legacy authentication
- Remote server administration
- Segment cloud administration
- Network micro-segmentation
Collaboration On Constant Improvement
Microsoft’s vast experience working with federal agencies, deep understanding of the current threats, and broad product capabilities enable the software company to deliver an all-inclusive approach to Zero Trust. The tech giant encourages a partnership between Federal agencies and the industry to accelerate modernization, deploy a robust cybersecurity posture that changes with the complex and dynamic modern government, and meet the long- and short-term EO requirements.
The 2021 Cybersecurity EO by the Biden administration is revolutionary, allowing Federal Government agencies and organizations to push through the complexities of the current cybersecurity landscape. However, it comes with different demands that require immediate action from all involved parties.
As a key industry player, Microsoft has been dedicated to ensuring agencies meet the immediate need and accelerate their long-term approach to the Zero Trust model and secure systems. As such, agencies can meet the aggressive timelines set by the EO, improve their cybersecurity posture, and answer the government’s call to enhanced cyber resilience.
To learn more about the cybersecurity Executive Order and stay compliant, a reliable Microsoft partner in the DC Metro area will be helpful. So speak with us today about your compliance with CMMC and boost your cybersecurity initiatives.