a good thing!
Following a number of high-profile cybersecurity incidents, President Biden signed the Executive Order on Improving the Nation’s Cybersecurity on May 12, 2021.
The executive order (EO) outlines extensive new requirements for Federal agencies and creates an urgency to respond. For example, within 60 days, each agency must develop a plan to prioritize cloud technology and implement Zero Trust architecture. The EO also makes it clear that agencies will need to adapt quickly to meet aggressive timelines around the development, adoption and purchase of threat detection and cyber incident response processes and products.
If you’re an ICAM architect for a federal agency, here are 11 actions you can take now to begin meeting the new EO requirements:
“...the prevention, detection, assessment, and remediation of cyber incidents is a top priority and essential to national and economic security.” Section 1
Among the many processes and technologies to monitor, APIs are often a nebulous, overlooked component. However, because they deliver extensive amounts of sensitive data, they warrant greater attention. When you deploy products that provide visibility across your entire API landscape, you can detect, monitor and quickly act on unexpected behaviors.
“...service providers entering into contracts with agencies must promptly report to such agencies when they discover a cyber incident...” Section 2(f)(i)
To mitigate the potential impact of incidents, you need the ability to bring together data from multiple sources for examination. Centralizing disparate IAM systems across sources provides the visibility you need and enables data sharing for greater interoperability.
“...update existing agency plans to prioritize resources for the adoption and use of cloud technology...” Section 3(b)(i)
As you shift to cloud computing, you’ll experience firsthand the limitations of legacy IAM tools. But creating another set of cloud identities is not the answer. You can employ modern identity tools to break down identity silos and establish secure, interoperable, federated access to all mission-critical assets.
“...develop a plan to implement Zero Trust Architecture...” Section 3(b)(ii)
NIST Special Publication 800-207 notes that core Zero Trust elements, like identity management, need to be “flexible enough to operate in a ZTA and perimeter-based hybrid security architecture.” When you prioritize technologies built on open standards, you can easily integrate and augment capabilities.
“...prioritize identification of the unclassified data considered by the agency to be the most sensitive and under the greatest threat, and appropriate processing and storage solutions for those data.” Section 3(c)(iv)
As data is classified by sensitivity, you’ll establish access permissions appropriate for that level of sensitivity. But data classifications are only good if risk-based, conditional access can be consistently enforced. To ensure this consistency, you can employ dynamic authorization and attribute-based access controls (ABAC).
“...agencies shall adopt multi-factor authentication...” Section 3(d)
As you look to quickly enforce MFA everywhere, you should consider implementing an authentication authority. An authentication authority centralizes authentication services to all assets (even legacy or custom ones), enables easy integration with multiple, existing PKI and MFA point solutions, and extends those capabilities to secure all resources.
Adopt “encryption for data at rest and in transit...” Section 3(d)
You’ll need to migrate off of legacy tools to meet new encryption requirements. Deploying a modern identity data store lets you establish a master user record by migrating attributes and profile data from legacy tools using bi-directional synchronization. You can then incrementally migrate applications to route to your new encrypted identity data store.
“...evaluate the security practices of the [software] developers and suppliers...” Section 4(b)
If your agency’s supply chain isn’t secure, your agency isn’t secure either. By thoroughly reviewing legacy software in your environment, you can identify where security practices are sufficient and where they’re falling short. As you evaluate potential new vendors, prioritize working with suppliers that practice secure software development and build security directly into their products.
“...deploy an Endpoint Detection and Response (EDR) initiative to support proactive detection of cybersecurity incidents...” Section 7(b)
The success of your agency’s EDR initiative will be determined by how much visibility you have into your environment. You’ll want to prioritize solutions that can centralize disparate identity and access management components while smoothly integrating with detection tools to provide that visibility.
“...establish or update Memoranda of Agreement (MOA) with CISA for the Continuous Diagnostics and Mitigation Program...” Section 7(f)
The Biden administration has made it clear that the Continuous Diagnostics and Mitigation (CDM) Program will play a critical role moving forward. By choosing vendor solutions that are approved for CDM, you’ll ensure the technologies in your environment align with the program’s objectives. Learn about Ping’s CDM-approved products here.
Follow “requirements for logging events and retaining other relevant data within an agency’s systems and networks.” Section 8(b)
Since managing logs can be complicated, you’ll want to prioritize tools that make it easy to capture, access and summarize log data. The ability to easily share that data with other security tools, like SIEM platforms, further enhances threat detection capabilities.