Best News Network

Biden to Expand National Security Agency Role in Government Cybersecurity

WASHINGTON—President

Biden

on Wednesday expanded the National Security Agency’s role in protecting the U.S. government’s most sensitive computer networks, issuing a directive intended to bolster cybersecurity within the Defense Department and intelligence agencies.

The memorandum signed by Mr. Biden mandates baseline cybersecurity practices and standards, such as two-factor authentication and use of encryption, for so-called national security systems, which include the Defense Department and intelligence agencies and the federal contractors that support them.

It effectively aligns the cybersecurity standards imposed on national security agencies with those previously established for civilian agencies under an executive order Mr. Biden signed last May. Affected agencies will soon be expected to implement various cybersecurity protocols, including use of certain cloud technologies and software that can detect security problems on a network.

Cybersecurity failures have plagued the U.S. government for decades, including thefts of detailed personnel records and military secrets that have been blamed on Russia, China and other adversaries. While national security agencies are generally seen as more secure than their civilian counterparts, they have endured significant breaches, too.

The new 17-page order authorizes the National Security Agency, the government’s leading digital surveillance organization, to issue what are known as binding operational directives, which require operators of national security systems to undertake efforts to guard against known or potential cybersecurity threats. The NSA has long had both offensive and defensive missions, but it has sought to expand its cybersecurity mission in the years following the leaks of classified surveillance information by former intelligence contractor Edward Snowden.

The Department of Homeland Security already has the power to issue binding operational directives that apply to civilian government networks, and most recently used the authority in December to order agencies to immediately mitigate the widespread Log4J cyber flaw. Binding operational directives could require agencies to install certain patches immediately, take some systems offline or uninstall software viewed as potentially dangerous, as the Trump administration did with Kaspersky Lab antivirus software in 2017.

Additionally, Wednesday’s memorandum requires agencies to identify their national security systems and report to the NSA cyber incidents that involve them. A fact sheet shared by the White House said this reporting would help the government identify and mitigate cyber risk across all national security systems.

The new rules also will require defense and intelligence agencies to better secure tools used to share data between classified and unclassified systems, in recognition that nation-state adversaries often seek to identify weaknesses in those tools to access highly sensitive national security information. Mr. Biden’s memorandum requires agencies to inventory so-called cross-domain solutions and places the NSA in charge of creating new security standards and testing requirements for such tools.

The actions to grant NSA a broader cybersecurity remit follows years of efforts by the spy agency to rehabilitate its image. That suffered after leaks by Mr. Snowden, which exposed highly classified domestic and global surveillance activities. Mr. Biden has filled three of the most important cybersecurity roles in his administration with NSA veterans, including

Anne Neuberger

as deputy national security adviser for cyber and emerging technology.

Mr. Biden and his national security team have repeatedly identified cybersecurity threats as a top national and economic security threat to the U.S. The Biden administration has warned critical infrastructure operators and some businesses in recent weeks to be on guard against Russian cyberattacks that could be spillover from tensions between Moscow and Kyiv.

Wednesday’s directive follows several organizational changes at the White House, State Department and elsewhere to elevate the issue and a push to place cybersecurity mandates on some private industries, including pipelines and trains, after several presidential administrations of both parties largely relied on voluntary industry standards.

Ransomware attacks are increasing in frequency, victim losses are skyrocketing, and hackers are shifting their targets. WSJ’s Dustin Volz explains why these attacks are on the rise and what the U.S. can do to fight them. Photo illustration: Laura Kammermann

Write to Dustin Volz at [email protected]

Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

Appeared in the January 20, 2022, print edition as ‘U.S. Moves to Bolster Cybersecurity.’

Stay connected with us on social media platform for instant update click here to join our  Twitter, & Facebook

We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! NewsAzi is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.