Specifically citing a slew of recent incidents including SolarWinds, Microsoft Exchange server hacks and the ongoing Colonial Pipeline situation, President Biden signed an executive order today that focuses on “improving the nation’s cybersecurity.” The steps it lays out are supposed to improve information sharing between agencies, set policies to protect federal networks and improve the response to breaches by creating a standardized “playbook” that will be reviewed by the director of CISA.
According to a summary released at the same time, it also sets standards for software that’s sold to the federal government, and tasks NIST with developing a labeling program “to educate the public on the security capabilities of Internet-of-Things (IoT) devices and software development practices” similar to existing Energy Star labels on appliances.
How much impact the order will have is unclear without action and funding from Congress, but it does lay out some first steps. According to NBC News, an administration official told reporters that it “reflects a fundamental shift in our mindset from incident response to prevention.” In a statement, Senator Mark Warner said “This executive order is a good first step, but executive orders can only go so far.”
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.