WASHINGTON — The White House on Wednesday announced a new strategy to strengthen cybersecurity across the federal government following a string of high-profile attacks against U.S. agencies and private companies in the past two years.
The U.S will adopt a “zero trust” approach, meaning the federal government will assume no actor, system, network, or service operating outside or within the security is trusted, according to a memo from the acting director of the Office of Management and Budget, Shalanda Young.
In a statement, the White House said that the “growing threat of sophisticated cyber attacks has underscored that the Federal Government can no longer depend on conventional perimeter-based defenses to protect critical systems and data.”
The Log4j vulnerability, a computer bug in a widely used piece of computer code that was discovered last year, was the “latest evidence that adversaries will continue to find new opportunities to get their foot in the door,” the White House added.
The new strategy requires federal officials to use several layers of security when signing onto agency networks and agencies to boost internal network protection through various methods, including inviting independent experts to assess levels of security.
Agencies were given until the end of the 2024 fiscal year to meet the goals set out in the new strategy.
Wednesday’s announcement follows an executive order President Joe Biden signed in May that required IT service providers to share certain information about cyber breaches with the government. The order modernized and implemented stronger cybersecurity standards, established standards for software sold to the government, and created an “energy star” label so that consumers understand whether software was developed securely.
The Biden administration emphasized the importance of upgrading the federal government’s cybersecurity following the 2020 SolarWinds cyberattack — a widespread breach that tore into U.S. government agencies and dozens of corporations — as well as attacks last year by Chinese hackers that broke into federal networks.
The White House has also urged private companies to boost their defenses. There were number of high-profile cyberattacks against private organizations last year, including attacks against the world’s largest beef supplier as well as a major fuel supplier, which slowed critical U.S. supply chains.
Source: | This article originally belongs to Nbcnews.com
