On the afternoon of May 12, President Joe Biden issued his Executive Order on Improving the Nation’s Cybersecurity. The executive order came on the heels of a ransomware attack that shut down operation of a major U.S. refined products pipeline system, a critical infrastructure operator that supplies approximately 40% of the gasoline supply to states along the U.S. East Coast.
As gasoline stopped flowing from suppliers to service stations, prices shot up, shortages broke out and drivers rushed to fill their tanks, unsure of how long the effects would last. The impact of this attack was consequential, dramatically illustrating the vulnerability of key pieces of our economy, but it was not an isolated event. The Executive Order on Improving the Nation’s Cybersecurity was not a knee-jerk reaction to a singular event. It is the result of years of attacks on government, industry, and individual organizations and of a steady cry from both the public and private sector to enlist the resources of our federal government in the fight against cybercrime.
Ordr has been one of the voices speaking in support of greater federal involvement and calling out the need for greater attention to protecting public services and infrastructure. And we were pleased to see that the new executive order called out the need to focus attention not just on information technology (IT), but on operational technology (OT), and the importance of Zero Trust.
Operational technologies are the industrial hardware and software systems that form the backbone of industry. Manufacturing equipment, scientific equipment, facilities management controls, transportation and logistics infrastructure, and, yes, the valves and monitors and other gear essential to managing critical operations.
In many cases these systems were not designed with cybersecurity in mind and have been in place for decades. But, as our world grows more interconnected and dependent on technology, the lines between IT and OT have blurred. Those vulnerable systems are an attractive target for threat actors who can exploit weaknesses in IT infrastructure to move laterally into OT networks and execute attacks intended to extract valuable data, or disrupt operations through sabotage or extortion. Read Jamison Utter’s article on 90% of OT Security attacks being primarily common attacks like ransomware, and our Dir of Product Management Srinivas Loke’s response to DarkSide to understand our perspective more.
Zero Trust for Connected Devices
We are also pleased to see Zero Trust called out as one of the key architectural tenets within the executive order. When it comes to the volume of connected IT, IoT, IoMT and OT in particular, it is impossible for any security team (even the government) to “react” to potential security alerts with these devices. Visibility into devices and their risks, along with proactive Zero Trust policies for mission-critical or vulnerable devices will limit the attack surface and mitigate risks, reducing the Security Operations Center (SOC) or Cyber Security Incident Response Team (CSIRT) burden of investigating alerts.
We’ve been advocating for Zero Trust for connected device security for several years now, and in fact, our platform is designed to make it simple to not only create Zero Trust network policies but also ensure that they can be properly enforced across existing networking and security infrastructure.
The executive order has set a number of priorities, including:
- Improve the Federal Government’s ability to detect vulnerabilities and incidents on federal government networks;
- Standardize the playbook for responding to cybersecurity vulnerabilities and incidents; and,
- Improve the Federal Government’s investigation and remediation capabilities following cyberattacks.
At first glance, the Executive Order on Improving the Nation’s Cybersecurity seems to set overly ambitious goals for meeting these objectives on aggressively accelerated schedules. In fact, the clock is already ticking on deadlines that arrive in as little as 14 days. But the experience and innovation that has been happening within the private sector puts these goals well within reach.
For our part, Ordr already works with many federal agencies to achieve the goals and objectives the White House has articulated. Our technology is adept at identifying the many vulnerabilities that plague OT, and at executing real-time response to detect and isolate attacks that occur, preventing threat actors from moving laterally to gain the information and leverage they need to disrupt operations. We are also proven in our ability to execute Zero Trust policies in industries like healthcare, manufacturing, financial services, education, and more. We are eager, excited and ready to be a part of the mobilization effort that improves the nation’s cybersecurity.