Cybersecurity is a growing concern in both the public and private sectors. SolarWinds is an information technology firm in the U.S. that has government and private sector clients. In December, the company discovered a major cyberattack implemented under the guise of a software update. The SolarWinds attack offers a glimpse of what the country can expect from cyberattacks in 2021. The scale of the attack prompted President Biden to draft an Executive Order to address the growing threat cyberattacks pose to the country’s infrastructure and operations.
What the EO Does
Once it is complete, the Executive Order will establish a set of procedures and guidelines for cybersecurity. It includes protocols for investigating hacks as well as developing software standards. Though the new standards only affect companies doing business with the government, the hope is that they will eventually trickle down to private-sector companies. Any company that works with the U.S. government must follow the new standards to keep doing business with the government.
A New Investigations Board
Currently, the Federal Bureau of Investigation is the department tasked with investigating cyberattacks. Still, this department has no role in determining what the impact is on society at large. Instead, the FBI is responsible for ensuring that U.S. laws are followed.
The Cybersecurity and Infrastructure Security Agency is also involved. The agency is the defense arm of the government’s cyber approach. It works on making sure infrastructure is secured against cyber threats. It is not provided with any investigative authority. Even with FBI and CISA involvement, there are large gaps in the country’s cybersecurity structure.
An agency dedicated to looking at the big picture of America’s cybersecurity would be able to:
• Investigate potential vulnerabilities
• Assess the damage from an attack
• Determine what happened
• Find out who was responsible
• Make recommendations for how to prevent future attacks
The new agency would be able to streamline the process and offer more transparency.
New Software Requirements
President Biden’s Executive Order would also establish new security requirements for software. Any software company that contracts with the federal government would need to prove that it has implemented and followed security measures in software development and performance.
New Notification Requirements
The SolarWinds breach went undetected for months and impacted private businesses and governmental agencies, including the Homeland Security and Energy Departments. The stealth nature of the attack is indicative of one of the primary cybersecurity threats in 2021. SolarWinds was apparently unaware of this attack, but many other companies fail to notify stakeholders when an attack occurs. The EO establishes a notification requirement when a business’s system is hacked.
Any cyberattack in 2021 potentially threatens the country’s infrastructure and could seriously disrupt day-to-day operations. President Biden’s response to the SolarWinds attack is one step forward in the effort to improve cybersecurity.
About Connected Risk Solutions
At Connected Risk Solutions, we use our expertise and experience to provide insurance information and programs to those who serve long-term care and senior living facilities. Since 2007, we’ve been offering insurance and risk management plans designed to help our agents give their clients the ability to achieve continued growth while simultaneously protecting against loss, containing costs and increasing profitability. With three offices to serve you in Chicago, Illinois; Phoenix, Arizona; and Burlington, Connecticut, we do everything we can to make your experience with us as professional and transparent as possible. To learn more, contact us at (877) 890-9301.