Biden’s Cybersecurity Executive Order

On May 12, 2021, the Biden Administration issued its much anticipated “Executive Order on Improving the Nation’s Cybersecurity.” Below are provisions we believe will be of most interest to contractors, as well as any company that provides information technology (“IT”) and operational technology (“OT”) services, cloud computing, software, or internet of things (“IoT”) technology, as the new regulations and standards called for in the Order are likely to have an impact beyond government contractors.

Sec. 2 – Sharing Threat Information – recognizes IT and OT service providers, including cloud service providers, have unique access and insight into cyber threat and incident information.

Sec. 3 – Modernizing Federal Government Cybersecurity – requires the government to modernize its approach to cybersecurity, to include prioritizing cloud solutions and Zero Trust Architecture. This section contains multiple directives, including:

Sec 4 – Enhancing Software Supply Chain Security – mandates that the government take action to protect software – with a focus on “critical software” – against cyber-attacks.

In addition to the above, the Order:

Copyright © 2024, Sheppard Mullin Richter & Hampton LLP.
National Law Review, Volumess XI, Number 137