Every US President since George W Bush has taken action to harden the Federal government's cyber defences. But this latest action, in the aftermath of the Colonial Pipeline incident, will have wider ramifications across industry ... it looks like it will create a de facto standard for software security and create a new compliance regime for software (and SaaS) providers. That would further raise the need for tech industry players to enhance their compliance functions to match the level of senior management engagement seen in financial services.
| less than a minute read
More regulation in the pipeline
As the East Coast suffered from the effects of a ransomware attack on a major petroleum pipeline, President Biden signed an executive order on Wednesday that placed strict new standards on the cybersecurity of any software sold to the federal government. While every president since George W. Bush has issued new guidelines to bolster the country’s digital defenses, Mr. Biden’s order is intended to reach deep into the private sector. And it is far more detailed than past efforts. For the first time, the United States will require all software purchased by the federal government to meet, within six months, a series of new cybersecurity standards. Although the companies would have to “self-certify,” violators would be removed from federal procurement lists, which could kill their chances of selling their products on the commercial market.