AI Takes the Center Stage in Biden’s Landmark Cybersecurity Order
Overview
Outgoing U.S. President Joe Biden issued an order yesterday outlining measures to improve government cybersecurity. The lengthy order includes suggestions to improve cloud and software security by building requirements into the federal acquisition process. It also orders federal agencies to adopt a number of cybersecurity technologies and practices and takes a forward-thinking approach to AI.
As the culmination of efforts that began nearly four years ago in response to the Colonial Pipeline ransomware attack, the order is also valuable as a “lessons learned” document from an Administration that has had much to deal with in four years of dramatic cybersecurity events.
Cloud, Software Security Goals
Biden’s final cybersecurity plan is also ambitious in its implementation timeline, as many of the initiatives would be completed within a year.
The lead federal agencies would develop contract language requiring software providers to attest and validate that they use secure software development practices. Open-source software would also be included in the plans, as agencies would be given guidance on security assessments and patching, along with best practices for contributing to open-source projects.
Federal government contractors would be required to follow minimum cybersecurity practices identified by NIST “when developing, maintaining, or supporting IT services or products that are provided to the Federal Government.”
Cloud service providers that participate in the FedRAMP Marketplace would create “baselines with specifications and recommendations” for securely configuring cloud-based systems to protect government data.
IAM, Post-Quantum Encryption Goals
Federal agencies would be required to “adopt proven security practices” in areas that include identity and access management (IAM). Pilot tests of commercial phishing-resistant standards such as WebAuthn would be conducted to support those authentication efforts.
The Biden plan says post-quantum cryptography (PQC) – in at least a hybrid format – should be implemented “as soon as practicable upon support being provided by network security products and services already deployed” in government network architectures.
The plan also requires secure management of access tokens and cryptographic keys used by cloud service providers and encryption of DNS, email, video conferencing, and instant messaging traffic.
CISA would lead the development of “the technical capability to gain timely access” to data from agency EDR solutions and security operation centers (SOCs) to enable rapid threat hunting.
BGP’s security flaws are also addressed, with requirements that ISPs implement routing security measures such as Route Origin Authorizations, Route Origin Validation, route leak mitigation, and source address validation.
AI Cybersecurity Innovation
The executive order says AI “has the potential to transform cyber defense by rapidly identifying new vulnerabilities, increasing the scale of threat detection techniques, and automating cyber defense. The Federal Government must accelerate the development and deployment of AI, explore ways to improve the cybersecurity of critical infrastructure using AI, and accelerate research at the intersection of AI and cybersecurity.”
AI cybersecurity implementation would start with a pilot program on the use of AI to improve critical infrastructure security in the energy sector. That program may gauge the effectiveness of AI technologies in detecting vulnerabilities, automating patch management, and identifying malicious threats.
The Department of Defense would start its own program on the use of “advanced AI models for cyber defense.”
The order asks science and research agencies to prioritize research on the following AI cybersecurity topics:
- Human-AI interaction methods to assist with defensive cyber analysis
- AI coding security assistance, including the security of AI-generated code
- Designing secure AI systems
- Methods for “prevention, response, remediation, and recovery of cyber incidents involving AI systems.”
Conclusion
Biden’s cybersecurity order is the culmination of four years of effort that began, even before the Colonial Pipeline incident, with the SolarWinds software supply chain attack.
The order also sets longer-term goals, including a three-year plan for modernizing federal information systems, networks, and practices, with a focus on zero-trust architectures, EDR capabilities, encryption, network segmentation, and phishing-resistant multi-factor authentication.