How President Biden’s Cybersecurity Executive Order could impact the IT sector
Chris Ritter, Principal Systems Engineer at Dell Technologies, and Ronald Nixon, Vice President for Global Defense and Government at Polyverse, join TFiR to talk about the Biden Administration’s cybersecurity executive order (EO). The talk kicks off by boiling the idea down to two viewpoints: That the government agencies are consumers and the industry works as a provider. To that end, Ritter starts off with the point that “The Government is of the view that agencies need to adopt the best practices and move towards the Zero Trust Architecture and accelerate its movement to secure services.”
The discussion highlights the three sections of the executive order that matter the most: One (Policy), three (Modernizing Federal Government Cybersecurity), and four (Enhancing Software Supply Chain Security).
Nixon adds that the framework for these changes has already been in place, but there are questions regarding those frameworks, such as: “How do I bring those into that environment? And how do I bring them up to speed so that I’m in compliance with the executive order?”
But is the industry ready for this executive order? Nixon believes that it’s broadly variable and the problem is you’ll see lots of companies piecemeal things together. Another issue Nixon mentions is whether or not companies can afford to bring their systems into compliance.
From Dell’s perspective, Ritter states that a secure supply chain is in Dell’s DNA. He says that this level of security has been a core tenet of Dell since the company was founded in 1984.
As to the subject of open source and the EO, Nixon makes it clear that “You still have to go through the due diligence process of making sure that an open source product doesn’t introduce any additional risk into your space.” He continues, “There are definitely pieces of the open source community that could be used as a basis for analysis of software, and to ensure that the software supply chain is intact and integral and remains secure.”
Summary for this interview/discussion was written by Jack Wallen