President Joe Biden signed an executive order on Wednesday in an attempt to bolster US cybersecurity defenses after a number of devastating hacks, including the Colonial pipeline attack, revealed vulnerabilities across business and government.
“Recent cybersecurity incidents… are a sobering reminder that US public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals,” the White House said.
Under the order, federal agencies will be required to introduce multi-factor authentication to their systems and encrypt all data within six months in a bid to make it harder for hackers to penetrate their IT infrastructure.
The order also requires IT providers that contract with the government to meet higher security requirements and report to the government if their systems have been breached. There would be strict timelines for disclosure on a sliding scale based on the severity of the incident, a senior administration official said.
A pilot of a new star rating system for software sold to the government will also be launched so that the officials and the public can judge how secure it is.