In one of his last acts in office, President Biden this week issued an executive order directing government agencies to update their IT and cloud services policies to strengthen cybersecurity, including taking steps that may benefit financial institutions should the incoming Trump administration keep the order.
To address the rise in stolen and synthetic identities, the order requires executive agencies “to strongly encourage the acceptance of digital identity documents to access public benefits programs that require identity verification, so long as it is done in a manner that preserves broad program access for vulnerable populations and supports the principles of privacy, data minimization, and interoperability.” It also directs agencies to prioritize funding for cyber defense research and calls for stepped-up enforcement by the Treasury Department and Justice Department to prosecute cybercriminals.
Among its many provisions, the order directs the U.S. government to “adopt secure software acquisition practices and take steps so that software providers use secure software development practices to reduce the number and severity of vulnerabilities in software they produce.” It also calls for strengthening identity and access management for Federal systems to improve visibility of security threats across networks, and to strengthen cloud security. In addition, it requires the Department of Homeland Security to release and regularly update a list of product categories in which products that support post-quantum cryptography are widely available.
