A recently released memorandum signed by President Biden outlines security protocols for national security systems, which face a different set of obstacles when dealing with highly sensitive and classified data.
The memo, "Memorandum on Improving the Cybersecurity of National Security, Department of Defense, and Intelligence Community Systems," shifts the reporting structure regarding cybersecurity within the federal government, requiring departments and agencies managing national security to communicate with the Director of the National Security Agency (NSA), who also holds the title of National Manager.
"In terms of prioritization, if the National Manager needs to say, 'Departments and agencies, Log4j is a huge problem, you need to deprioritize everything relative to this and go out and fix it,' this actually gives them the authority to do that," says Greg Bednarski, Chief of Cybersecurity Policy and Strategy at NSA.
The memo also establishes a federal playbook for managing cybersecurity incidents, aiming to increase standardization and transparency throughout federal departments. "All departments and agencies will really be graded against their ability to respond both in training as well as in real cybersecurity events — not just to their secretary level, but also up to the White House level," says Bednarski.