Has federal cybersecurity improved post-executive order?

The May 12, 2021 Executive Order (EO) on Improving the Nation's Cybersecurity put a national focus on the importance of protecting U.S. businesses and critical infrastructure from cyberattacks.

The EO aims to improve software supply chain security and decrease barriers to information sharing across public and private sectors, among other goals.

The "Impact Assessment: Cyber EO Year One" report from MeriTalk and underwritten by AWS, CrowdStrike and Zscaler surveyed 160 federal cybersecurity leaders to determine the executive order's impact on the federal cybersecurity space. Cyber professionals from the Department of Defense (DoD), U.S. intelligence agencies and civilian agencies shared how the EO has affected their organizations' cybersecurity strategies in its first year.

Cybersecurity impacts of the executive order

The impact assessment found that 99% of federal cybersecurity professionals believe the EO is making progress toward its goals, including modernizing cybersecurity practices, improving vulnerability identification, and boosting a cybersecurity-minded culture in federal agencies.

In addition, 78% of respondents said that the 2021 cybersecurity EO included needed steps for the protection of the United States' cyber assets.

Moving forward with the EO

The Executive Order on Improving the Nation's Cybersecurity urged federal agencies to adopt zero trust frameworks to bolster cybersecurity. Ninety-six percent of federal cyber leaders indicated that zero trust strategy is somewhat or very helpful, but 67% of respondents believe the three-year implementation window outlined in the EO is unrealistic. What's more, only 14% of respondents said they have all funding needed to fulfill the cybersecurity EO requirements.

The report highlighted three recommendations for federal cybersecurity practitioners:

Allocating resources toward national security: This could include upping recruitment efforts and automating repetitive security tasks, according to the report.
Getting all agencies up to speed: For those agencies that have been slower to adopt executive order requirements, cyber leaders such as chief information security officers (CISOs) and chief information officers (CIOs) should host monthly progress meetings to ensure implementation efforts are on track.
Stay proactive: Federal cybersecurity initiatives can remain successful by addressing past problems, such as a lack of budget, staff and secure public-private partnerships as they move forward with the EO. Foregrounding information sharing and collaborating with vendors may be helpful to federal agencies, according to the report.

For more report findings, click here.

Madeline Lauver joined Security magazine in 2021 as its Assistant Editor. She covers news affecting enterprise security leaders, including physical security, cybersecurity, leadership and management, risk and resilience and more. Within her role at Security, Lauver focuses on news articles, Web Exclusives, features, and several departments for Security’s monthly digital edition, as well as managing social media and multimedia content. Lauver graduated in 2019 with a BA in English, German and Media Studies from Kalamazoo College.

Service reliability underpins every modern business. Without reliable services, organizations cannot build the trust required to keep their customers loyal or free up time to focus on product innovation and differentiation.

Has federal cybersecurity improved post-executive order?

Cybersecurity impacts of the executive order

Moving forward with the EO

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

Has federal cybersecurity improved post-executive order?

Cybersecurity impacts of the executive order

Moving forward with the EO

Share This Story

Related Articles

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.