It’s one of the biggest efforts yet by the Biden administration to secure the computer networks that the government relies on to do business.
Under the strategy, federal employees will need to sign on to agency networks using multiple layers of security, and agencies will have to do a better job of protecting their internal network traffic from hackers. The strategy gives agencies until the end of the 2024 fiscal year to meet these benchmarks and others.
The strategy, which will be released by the Office of Management and Budget, was born out of a cybersecurity executive order that President Joe Biden signed last May in the wake of the breaches to federal networks and a ransomware attack on a major US pipeline operator.
The strategy seeks to apply a cybersecurity concept known as “zero trust,” which is popular at big corporations, to the federal government. “Zero trust” dictates that no computer user or system inside or outside an organization is inherently trusted. Continuous security checks are needed to ensure that hackers aren’t impersonating someone, and systems should be isolated when possible to keep malicious code from spreading.
One of the more demanding parts of the strategy is a requirement that agencies have a “complete inventory” of every electronic device on their networks.
It’s also an effort to set cybersecurity policy around goals and outcomes, rather than checklists.
“This strategy is a major step in our efforts to build a defensible and coherent approach to our federal cyber defenses,” National Cyber Director Chris Inglis said in a statement.