Ransomware attacks. You see them in the headlines almost daily. Five years ago, ransomware was mainly a "thing" among the cybersecurity community. Today, it is dinner-table conversation. People who know next to nothing about cybersecurity know about ransomware. That's because these attacks have impacted people outside of cybersecurity circles. They have affected consumers, business leaders, schools, government agencies, hospitals -- nearly every kind of organization across every industry. Government leaders worldwide are taking notice. The U.K. government is reviewing the Computer Misuse Act to make it easier for law enforcement to pursue ransomware criminals. United States agencies such as the TSA and CISA have released a series of security directives to help organizations prioritize security.

The most sweeping U.S. order, however, was announced by President Biden in May 2021 -- the U.S. Executive Order (EO) 14028. It includes a vast amount of guidelines (which we anticipate becoming mandatory) for federal agencies and private sector suppliers. The guidelines include implementing a zero trust, incident response and secure cloud migration strategy, among others. Section four, specifically, caught our interest. It is for third party suppliers who manufacture and/or sell software to federal agencies, and includes 11 guidelines created by NIST.

Our X-Force team has performed a thorough review of the guidelines, and is at the forefront of helping organizations adhere to them. We have created a new informative video and blog post, and are offering free workshops to help organizations understand the EO and how they may be impacted. Check out the content below and let us know if you want to schedule a workshop.

Blog post: A New Cybersecurity Executive Order Puts the Heat on Critical Infrastructure Suppliers
Video: Learn how IBM Security X-Force can help you with the U.S. Executive Order for Improved Cybersecurity
Webpage: Executive Order on Cybersecurity Security Services | IBM
Schedule a Workshop: X-Force Red Offensive Security Services

------------------------------
Abby Ross
------------------------------

Looks like a great session!

------------------------------
Wendy Batten
Community Manager
IBM Security
Cambridge MA
wjbatten@us.ibm.com
------------------------------

Original Message:
Sent: Tue November 09, 2021 04:33 PM
From: Abby Ross
Subject: New U.S. Cybersecurity Executive Order Puts the Heat on Suppliers

Ransomware attacks. You see them in the headlines almost daily. Five years ago, ransomware was mainly a "thing" among the cybersecurity community. Today, it is dinner-table conversation. People who know next to nothing about cybersecurity know about ransomware. That's because these attacks have impacted people outside of cybersecurity circles. They have affected consumers, business leaders, schools, government agencies, hospitals -- nearly every kind of organization across every industry. Government leaders worldwide are taking notice. The U.K. government is reviewing the Computer Misuse Act to make it easier for law enforcement to pursue ransomware criminals. United States agencies such as the TSA and CISA have released a series of security directives to help organizations prioritize security.

The most sweeping U.S. order, however, was announced by President Biden in May 2021 -- the U.S. Executive Order (EO) 14028. It includes a vast amount of guidelines (which we anticipate becoming mandatory) for federal agencies and private sector suppliers. The guidelines include implementing a zero trust, incident response and secure cloud migration strategy, among others. Section four, specifically, caught our interest. It is for third party suppliers who manufacture and/or sell software to federal agencies, and includes 11 guidelines created by NIST.

Our X-Force team has performed a thorough review of the guidelines, and is at the forefront of helping organizations adhere to them. We have created a new informative video and blog post, and are offering free workshops to help organizations understand the EO and how they may be impacted. Check out the content below and let us know if you want to schedule a workshop.

Blog post: A New Cybersecurity Executive Order Puts the Heat on Critical Infrastructure Suppliers
Video: Learn how IBM Security X-Force can help you with the U.S. Executive Order for Improved Cybersecurity
Webpage: Executive Order on Cybersecurity Security Services | IBM
Schedule a Workshop: X-Force Red Offensive Security Services

------------------------------
Abby Ross
------------------------------