The Reuters agency revealed that an executive order proposed by the Biden administration will oblige software vendors to notify their federal government customers in case they will suffer a security breach.
The executive order is expected to be released the next week and will also require federal agencies to enhance their security posture through the implementation of measures such as multi-factor authentication and data encryption. The order seems to be part of the response of the US government to the recently disclosed SolarWinds supply chain attack.
“A planned Biden administration executive order will require many software vendors to notify their federal government customers when the companies have a cybersecurity breach, according to a draft seen by Reuters.” reads the report published by Reuters. “A National Security Council spokeswoman said no decision has been made on the final content of the executive order. The order could be released as early as next week.”
When the security breach will impact critical programs, the vendors might be forced to provide a “software bill of materials.”
The order will force victims of a security breach to work with the FBI and the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency to respond to incidents.
The order would also force the creation of a cybersecurity incident response board composed of representatives from federal agencies and private cybersecurity companies.
“The draft order would also create a cybersecurity incident response board, with representatives from federal agencies and cybersecurity companies. The forum would encourage vendors and victims to share information, perhaps with a combination of incentives and liability protections.” concludes Reuters.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
Follow me on Twitter: @securityaffairs and Facebook
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, data breach)
[adrotate banner=”5″]
[adrotate banner=”13″]
Security Affairs Malware newsletter includes a collection of the best articles and research on malware…
A new round of the weekly Securitythe weekly Security Affairs newsletterAffairs newsletter arrived! Every week…
Operation ENDGAME dismantled key ransomware infrastructure, taking down 300 servers, 650 domains, and seizing €21.2M…
FBI warns Silent Ransom Group has targeted U.S. law firms for 2 years using callback…
The U.S. indicted Russian Rustam Gallyamov for leading the Qakbot botnet, which infected 700K+ devices…
Law enforcement operation codenamed 'Operation RapTor' led to the arrest of 270 dark web vendors…
This website uses cookies.
