The recent ransomware attack of the Colonial Pipeline has reinvigorated calls from legislators to strengthen the defenses of U.S. pipelines and the electric power grid. Over the last several years, a repeatable pattern is becoming apparent with each major cyberattack. A critical cyber-attack occurs that is followed by outrage that result in statements from government leaders with calls for action - all followed by proposed ideas on how to better mitigate the risk of cyberattacks in the future. Yet, it seems that time goes by and with the next major attack the cycle starts all over again. This time, government is taking a more rigorous approach to proposing solutions to end the vicious cycle.
On May 11, 2021, President Biden signed an Executive Order that includes several requirements for companies to do business with the federal government. Among these requirements is a mandate that all software sold to the federal government follow imposed cybersecurity standards within nine months. The order also includes a requirement that the government deploy encryption and multi-factor authentication solutions.