Biblio
The United States needs resilient, diverse, and secure supply chains to ensure our economic prosperity and national security. Pandemics and other biological threats, cyber-attacks, climate shocks and extreme weather events, terrorist attacks, geopolitical and economic competition, and other conditions can reduce critical manufacturing capacity and the availability and integrity of critical goods, products, and services.
Foreign adversaries are increasingly creating and exploiting vulnerabilities in information and communications technology and services, which store and communicate vast amounts of sensitive information, facilitate the digital economy, and support critical infrastructure and vital emergency services, in order to commit malicious cyber-enabled actions, including economic and industrial espionage against the United States and its people.
Enhancing Software Supply Chain Security. (a) The security of software used by the Federal Government is vital to the Federal Government's ability to perform its critical functions. The development of commercial software often lacks transparency, sufficient focus on the ability of the software to resist attack, and adequate controls to prevent tampering by malicious actors. There is a pressing need to implement more rigorous and predictable mechanisms for ensuring that products function securely, and as intended. The security and integrity of "critical software" (software that performs functions critical to trust, such as affording or requiring elevated system privileges or direct access to networking and computing resources) is a particular concern. Accordingly, the Federal Government must take action to rapidly improve the security and integrity of the software supply chain, with a priority on addressing critical software.
It is appropriate to elaborate upon measures to address the national emergency with respect to the information and communications technology and services supply chain that was declared in Executive Order 13873 of May 15, 2019 (Securing the Information and Communications Technology and Services Supply Chain). Specifically, the increased use in the United States of certain connected software applications designed, developed, manufactured, or supplied by persons owned or controlled by, or subject to the jurisdiction or direction of, a foreign adversary, which the Secretary of Commerce acting pursuant to Executive Order 13873 has defined to include the People's Republic of China, among others, continues to threaten the national security, foreign policy, and economy of the United States. The Federal Government should evaluate these threats through rigorous, evidence-based analysis and should address any unacceptable or undue risks consistent with overall national security, foreign policy, and economic objectives, including the preservation and demonstration of America's core values and fundamental freedoms.
Publishing guidance that outlines security measures for critical software use, including applying practices of least privilege, network segmentation, and proper configuration, is one of NIST's assignments to enhance the security of the software supply chain called for by the May 12, 2021, Presidential Executive Order on Improving the Nation's Cybersecurity (14028).
On May 11, 2017, the President of the United States issued the Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. In part, the order states that it is the policy of the United States “to support the growth and sustainment of a workforce that is skilled in cybersecurity and related fields as the foundation for achieving our objectives in cyberspace.” Consequently, the Secretary of Commerce and Secretary of Homeland Security are directed to:
1) “assess the scope and sufficiency of efforts to educate and train the American cybersecurity workforce of the future, including cybersecurity-related education curricula, training, and apprenticeship programs, from primary through higher education”; and,
2) “provide a report to the President with findings and recommendations regarding how to support the growth and sustainment of the Nation's cybersecurity workforce in both the public and private sectors.”
With the active involvement of more than a dozen federal departments and agencies, and with public input, the Commerce and Homeland Security Secretaries submitted a report to the President, Supporting the Growth and Sustainment of the Nation's Cybersecurity Workforce. A full list of federal contributors and details about private sector input are included in the report.
Key findings and recommendations from that report are available here.