Cybersecurity is not an exclusive concern; it is a national security concern. While previous administrations have issued cybersecurity-related executive orders with clear calls to action for federal agencies to follow, this executive order is important given recent cybersecurity incidents. From SolarWinds to Colonial Pipeline, the growing volume of cyberattacks has shown how such events can significantly disrupt operations and critical infrastructure. Steadily increasing cyber threats make action imperative for federal agencies, which is why Forescout actively supports the core components of the Biden Administration’s Executive Order on Enhancing the Nation’s Cybersecurity (EO).
The May 12 EO seeks to move federal civilian agencies toward a zero-trust architecture; mandates the adoption of endpoint detection and response (EDR) solutions to support proactive detection of cybersecurity incidents within federal government infrastructure; and seeks to accelerate the move to secure cloud infrastructure (SaaS, IaaS, PaaS). The EO also calls for a strong level of cybersecurity information sharing and, to that end, requires that civilian agencies’ object-level data be available and accessible to the Cybersecurity and Infrastructure Security Agency (CISA); the mechanism for obtaining this data is the Continuous Diagnostics and Mitigation (CDM) program.
To meet the object-level data sharing requirement, agencies must be confident in their ability to provide CISA with certain data. This starts with data about hardware assets, which is also the first and foundational stage of the CDM program, otherwise known as Hardware Asset Management (HWAM). HWAM includes discovering connected devices well beyond conventional endpoints such as laptops, desktop computers, and virtual desktops, extending to mobile phones, printers, sensor-driven IoT devices, and even connected operational technology devices such as building automation systems. Missing any percentage of networked devices undermines confidence that what agencies report to CISA reflects their real IT environments, and it will degrade master endpoint record quality. This also severely impedes agencies’ and CISA’s ability to make the risk-based decisions with which they are tasked. While the plan to capture object-level data may not have made headlines, it will play an important role in the administration’s ability to make risk-informed decisions and conduct incident response actions in the event of another SolarWinds-type incident. Data sharing is a welcome call to action that will help civilian agencies meet key security goals and greatly improve the federal network’s security posture.
CDM will serve as a core element of the federal government’s move to a zero-trust architecture. Built on the principle of “never trust, always verify”, zero trust involves an evolving set of cybersecurity standards that move protection from static, network-based perimeters to focus on users, assets, and resources. It is largely a response to enterprise network trends that include remote users, bring your own device (BYOD), and cloud-based assets that are not located within an enterprise-owned network boundary. The NIST SP 800-207 guidance defines three core logical components that a zero-trust architecture must include: policy administrator, policy engine, and policy enforcement point. Data sources such as a CDM system, threat intelligence feeds, data access methods, and an ID management policy, among others, will supply real-time data to the policy enforcement point, which will determine whether to allow or reject access requests to information resources. As the lengthy list of data sources suggests, zero trust is not about a single product; it is about multiple products that will need to work together.