Tech-sector reaction to the White House’s sweeping cybersecurity executive order issued May 12 came in largely positive today, with security technology makers particularly applauding the urgency of the administration’s plans, the enterprise-wide view that the order takes for improving security, and its actions to hasten the movement of Federal agencies to cloud services.
‘Cloud Secure’ Era
“We had Cloud First, and then Cloud Smart,” said Stephen Kovac, Vice President of Global Government and Head of Corporate Compliance at cloud-based security provider Zscaler. “The Executive Order on Improving the Nation’s Cybersecurity moves us into the era of Cloud Secure.”
“We are encouraged to see the focus on developing cloud security strategies, technical reference architectures, and cloud governance security frameworks,” Kovac said. “And, we one hundred percent agree with the importance of building zero trust plans. It is also critical that we embrace the important security frameworks that FedRAMP and CISA built around cloud and the Trusted Internet Connection (TIC) 3.0 guidance, as they will shepherd us into the new Cloud Secure era.”
“Over the past ten years, private industry has spent billions of dollars securing the cloud,” he said. “And, we’ve seen CISA and FedRAMP take advantage of industry partners and knowledge. The public sector can build on this foundation — it’s great to see the focus on collaboration.”
“Federal digital transformation dramatically accelerated through the pandemic, and we now have an urgent need to accelerate security modernization,” Kovac continued. “The goals and timelines set forth in the EO are ambitious, but we can meet them with strong public/private collaboration and coordination across government as we enter this new ‘Cloud Secure’ era. We applaud the Administration for launching this all-of-America effort.”
Enterprise Focus
The order said, Matt Marsden, Vice President of Technical Account Management-Federal at Tanium, “focuses on the need for enterprise-wide visibility and control,” adding, “as proven by recent cyber events, federal agencies cannot rely on detection and prevention from EDR/EPP capabilities as the only solution.”
“The U.S. Government’s newly established processes and capability requirements must enable agencies, from the CISO to the system admin, with the ability to articulate and manage risk,” Marsden said.
“Siloed tools and a myopic functionality approach don’t answer the complex cyber challenges agencies face,” said Aaron Smith, Regional Vice President – Technical Account Management at Tanium. “The answer is an ability to continuously monitor unfiltered real-time endpoint behavior to see changes to configurations, identify vulnerabilities, visualize lateral movement, and adapt to provide data at the time of need,” he said. “This component of extensibility ensures there are data points to answer the “what” and “how” of the next attack with proactive capabilities to secure the entire enterprise.”
Zero Trust Ascendant
“Cyber complacency has been plaguing the federal system for decades, as recently evidenced by the catastrophic breach involving SolarWinds,” said Andrew Rubin, co-founder and CEO at Illumio. “This new Executive Order acknowledges that we fundamentally need to change the way we think about cyber resiliency – and it starts with Zero Trust.”
“This is the first time in history that the President of the United States of America has acknowledged that we cannot stop all security incidents,” Rubin said. “Signing this executive order – mandating Zero Trust and segmentation – has become a public demonstration that detection does not work 100 percent of the time (see: Colonial Pipeline, SolarWinds, MSFT Exchange).”
“Our complete reliance on detection to find and stop bad things is no longer an option,” he continued. “With bad actors and nation-states operating at all-time high levels of sophistication, a failure to recognize this will result in a small incident turning into a catastrophic attack – with the potential to impact human lives. We need segmentation and we need Zero Trust – and our government has now publicly declared this vital.”
Quick Cuts
Elsewhere around the tech-sector today:
Bill Wright, Director of Federal Government Affairs at Splunk, said the cybersecurity EO was
“timely and welcome. We continue to be challenged on a near-daily basis to protect federal agencies, state & local governments, and critical infrastructure against cyber attacks (SolarWinds, Microsoft Exchange, Pulse, ransomware). All of these challenges have one thing in common – the solution lies in the data.” He continued, “At first blush, the EO seems to take a good approach – bold federal action coupled with private sector engagement. An honest, hard look at the U.S. Government and private sector challenges. Frankly, many of these issues have persisted and have been unaddressed for too long.”
James Yeager, Vice President of Public Sector at CrowdStrike, said the order “reflects the Administration’s thoughtful approach and strong commitment to getting into important details and getting things right. This EO is not your typical set of cyber standards; it provides a new vision for federal cybersecurity. More specifically, it calls on agencies to improve the detection of network vulnerabilities to include issuing requirements for a federal government-wide Endpoint Detection and Response (EDR) approach and directing the Office of Management and Budget (OMB) to provide adequate resources to implement it. The EO also drives forward a more proactive, ‘threat hunting’ approach for federal agencies. The government needs to act like one of the most cyber-advanced organizations in the world – taking endpoint telemetry data and overlaying it with high quality, real time threat intelligence and vulnerability information – in order to make real progress in their cyber programs. The Cyber EO should serve to kickstart these efforts.”
Amit Yoran, CEO of Tenable, commented, “Colonial Pipeline and SolarWinds are a two-decades-long cyber reckoning that hasn’t yet reached its crescendo. The community has warned governments, organizations and consumers of the rising level of exposure ad nauseam. The wake-up calls will continue to get stronger until these issues are addressed on par with how they can impact our society.” He added, “The question on everyone’s mind is whether the EO will stop the next SolarWinds or Colonial Pipeline attack. Make no mistake — no one policy, government initiative, or technology can do that. But this is a great start.”
Rick Tracy, Chief Security Officer at Telos Corp., said, “I especially applaud the direction for federal departments and agencies to, as much of the private sector has already done, move more rapidly to adopt secure cloud services, the requirement for them to adopt multifactor authentication and the push for increased use in government of such practices as zero trust architecture. These are solid steps to improve federal cybersecurity, as is the order’s objective of establishing a government-wide endpoint detection and response system. The order’s requirement that IT providers must now share breach information which could impact government networks is long overdue, as this information is too vital to protecting federal systems for such sharing to be voluntary.”
Tony Cole, CTO at Attivo Networks, commented, “Is cybersecurity now at an urgent enough level for the Federal government to take decisive action? The current Presidential Executive Order (EO) is a good step forward however it will need a lot more action to have a significant and positive impact on the threats this nation faces at the government and critical infrastructure level. Information sharing is prominently called out and the administration plans actions to remove roadblocks currently in place stopping companies and agencies from sharing threat information with each other. That’s good.” He added, “incentives will also be needed since the mandated information sharing initiatives are limited to contracted companies doing business with the Federal government or federally regulated organizations.”
Aaron Faulkner, cybersecurity lead at Accenture Federal Services, said the firm is ready to support federal agency partners mandates from the order, “including improved threat detection, quicker threat response, enhanced remediation capabilities, and the prioritization of cloud technology adoption,” He continued, “As federal information technology architecture is modernized, a holistic endpoint detection and response approach, executed correctly, will be critical for CISA to rapidly understand the government’s overall risk posture and mitigate vulnerabilities. Speed to detection and speed to remediation will make all the difference.”
