Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), said in an interview published Tuesday that the new executive order provides CISA with new authorities to counter cyberattacks, including the development of a common playbook for cyber incident response.
He said the standard playbook requirement will help CISA better codify and implement joint incident responses.
“This really builds upon authorities that CISA received last year from the National Defense Authorization Act, where we were directed to stand up a Joint Cyber Planning Office (JCPO). This JCPO is essential to the maturation of CISA’s incident coordination and planning role,” Goldstein said.
Goldstein said that, in accordance with the new executive order, CISA is working with the Office of Management and Budget (OMB) on a cloud security strategy to help agencies protect cloud environments as they continue to implement telework arrangements for their workforces.
“The EO further accelerates existing work to mature our regime around securing cloud environments and making sure that all federal cloud environments are adopting the right practices and the right security controls to reasonably protect the use of those environments for sensitive federal work,” he noted.
Goldstein shared his insights on zero-trust frameworks, ransomware payments and cyberattacks on critical infrastructure, and discussed how CISA works to get third-party suppliers involved in safeguarding the software supply chain.
“The executive order calls out the need to make progress in initiatives like a software bill of materials, which is an essential step forward in understanding the components and the lineage of the critical software utilized across federal networks. None of these solutions is a complete answer in itself, but collectively, they really move us forward in understanding and managing risk posed by third-party vendors,” he said.