"President Biden’s order places strict new standards on software sold to the government."
"WASHINGTON — As the East Coast suffered from the effects of a ransomware attack on a major petroleum pipeline, President Biden signed an executive order on Wednesday that placed strict new standards on the cybersecurity of any software sold to the federal government.
The move is part of a broad effort to strengthen the United States’ defenses by encouraging private companies to practice better cybersecurity or risk being locked out of federal contracts. But the bigger effect may arise from what could, over time, become akin to a government rating of the security of software products, much the way automobiles get a safety rating or restaurants in New York get a health safety grade.
The order comes amid a wave of new cyberattacks, more sophisticated and far-reaching than ever before. Over the past year, roughly 2,400 ransomware attacks have hit corporate, local and federal offices in extortion plots that lock up victims’ data — or publish it — unless they pay a ransom."
David E. Sanger and Julian E. Barnes report for the New York Times May 12, 2021.
SEE ALSO:
"Pipeline Hack Points to Growing Cybersecurity Risk for Energy System" (New York Times)
"In Wake Of Pipeline Hack, Biden Signs Executive Order On Cybersecurity" (NPR)
"Executive Order on Improving the Nation’s Cybersecurity" (White House)
