Has federal cybersecurity improved post-executive order?

The May 12, 2021 Executive Order (EO) on Improving the Nation's Cybersecurity put a national focus on the importance of protecting U.S. businesses and critical infrastructure from cyberattacks.

The EO aims to improve software supply chain security and decrease barriers to information sharing across public and private sectors, among other goals.

The "Impact Assessment: Cyber EO Year One" report from MeriTalk and underwritten by AWS, CrowdStrike and Zscaler surveyed 160 federal cybersecurity leaders to determine the executive order's impact on the federal cybersecurity space. Cyber professionals from the Department of Defense (DoD), U.S. intelligence agencies and civilian agencies shared how the EO has affected their organizations' cybersecurity strategies in its first year.

Cybersecurity impacts of the executive order

The impact assessment found that 99% of federal cybersecurity professionals believe the EO is making progress toward its goals, including modernizing cybersecurity practices, improving vulnerability identification, and boosting a cybersecurity-minded culture in federal agencies.

In addition, 78% of respondents said that the 2021 cybersecurity EO included needed steps for the protection of the United States' cyber assets.

Moving forward with the EO

The Executive Order on Improving the Nation's Cybersecurity urged federal agencies to adopt zero trust frameworks to bolster cybersecurity. Ninety-six percent of federal cyber leaders indicated that zero trust strategy is somewhat or very helpful, but 67% of respondents believe the three-year implementation window outlined in the EO is unrealistic. What's more, only 14% of respondents said they have all funding needed to fulfill the cybersecurity EO requirements.

The report highlighted three recommendations for federal cybersecurity practitioners:

Allocating resources toward national security: This could include upping recruitment efforts and automating repetitive security tasks, according to the report.
Getting all agencies up to speed: For those agencies that have been slower to adopt executive order requirements, cyber leaders such as chief information security officers (CISOs) and chief information officers (CIOs) should host monthly progress meetings to ensure implementation efforts are on track.
Stay proactive: Federal cybersecurity initiatives can remain successful by addressing past problems, such as a lack of budget, staff and secure public-private partnerships as they move forward with the EO. Foregrounding information sharing and collaborating with vendors may be helpful to federal agencies, according to the report.

For more report findings, click here.

Madeline Lauver is a former Editor in Chief at Security magazine. Within her role at Security, Lauver focused on news articles, web exclusives, features and several departments for Security’s monthly digital edition, as well as managing social media and multimedia content.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.

Has federal cybersecurity improved post-executive order?

Cybersecurity impacts of the executive order

Moving forward with the EO

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

Has federal cybersecurity improved post-executive order?

Cybersecurity impacts of the executive order

Moving forward with the EO

Share This Story

Related Articles

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.