President Biden recently signed an Executive Order on Improving the Nation’s Cybersecurity, the latest executive order aimed at improving national security from both a public and private sector perspective. In the wake of several recent major cybersecurity catastrophes in the U.S., including the ransomware attack that halted all operations of the Colonial Pipeline, HAFNIUM targeting Microsoft Exchange Servers and last year’s SolarWinds hack, this order plans to modernize cybersecurity defenses through protected federal networks, improved public-private sector collaboration and information-sharing, and strengthened cyber incident response.
It’s an ambitious plan, and it covers a lot of major topics, recent incidents, and recommendations. But what does it mean for MSPs? And how should you be talking to your peers, colleagues, and, importantly, your end clients about it?
In this post, we share the key executive order insights and how they may impact MSPs and the private and public sector organizations they support. Looking to learn more? Check out the fact sheet released by the Biden administration here.
Fueling public/private sector partnerships to increase threat awareness
The Executive Order requires the cooperation of IT (information technology) and OT (operational technology) service providers, including cloud hosting providers, to share information about cybersecurity threats and certain breach information and to remove contractual issues that prevent the sharing of such information. ConnectWise developed and continues to support the CompTIA ISAO in our efforts to improve threat analysis and information to the MSP community. MSPs should engage and consider responsible sharing of threat intelligence as a method of minimizing cybercrime and time to respond when incidents occur.
Launch a Cybersecurity Safety Review Board
The Executive Order also establishes a Cybersecurity Safety Review Board, which will be jointly led by private sector and government leads. Modeled after the National Transportation Safety Board, this board would convene after major cyber incidents to analyze what happened, ensure we identify lessons learned, and make concrete recommendations for improving cybersecurity. For some MSPs, this may be an example of the public sector following private sector best practices, as organizations further into their cybersecurity journey may already take part in such analyses. However, any company dealing with the aftermath of a cyber incident, its own or that of a vendor, should take similar note of what occurred, the direct and indirect impact, what improvements need to be made, and how this could be prevented in the future. MSPs should consider that this overarching approach to cyber will have a trickle-down impact on our industry and clients. Maybe not today, but in the very near future.
Improve software supply chain security
By establishing baseline security standards for the development of software sold to the Federal Government, the Executive Order seeks to improve supply-chain security by developing guidelines, tools, and best practices to audit and assure that critical software is not tampered with by malicious actors in supply-chain attacks. For MSPs, this means taking a closer look at the impact of tools that SMB clients use on a daily basis, understanding the risk they introduce to your clients, and maintaining reasonable security designs focused on minimizing access and potential for harm. The impact from supply chain attacks is an opportunity to help your clients assess risk. (Speaking of assessing risk, if you aren’t sure where to start here, consider a free trial of ConnectWise Identify to assess your readiness as a service provider.)
Create a standard playbook for responding to cyber incidents
Like MSPs and your clients, Federal agencies and departments also have varied maturity levels when it comes to cybersecurity knowledge and response capabilities. The executive order calls for the creation of a standardized playbook that ensures that all Federal agencies have the same level of preparedness when it comes to identifying vulnerabilities, responding to breaches, and mitigating threats. The playbook will also provide the private sector with a template for its response efforts and will incorporate all appropriate NIST standards. This is a step in the right direction, but we strongly recommend that MSPs ensure their cybersecurity playbook works for their organization.
Don’t know where to start? To help you begin your cybersecurity journey, we’ve developed a cybersecurity starter kit, an MSP+ playbook, and a cybersecurity certification to support education, awareness, and playbooks for our partner community.