President Joe Biden issued an executive order yesterday titled “Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity in which passkeys, mobile driving licences and identity management should serve to protect Americans’ privacy.
With cyber threats disrupting key digital services, and costing billions, the United States’ aims to bolster its cybersecurity directive by implementing several key measures. The measures include the creation of a digital identity framework to provide identity verification to U.S. citizens. While external software providers would heavily be depended on to deliver this service, supply chains need to be held accountable for mitigating security flaws.
Within 30 days of signing the order, authorities including the Office of Management and Budget, NIST and CISA (Cybersecurity and Infrastructure Security Agency) should advise how contracts should phrase the requirements for providers to submit secure software certifications to CISA.
However, guidance on secure software practices cannot be a defence to all advanced threat actors. The executive order calls for more coordination of responses to cyber attacks from multiple agencies through accessing endpoint data from remote sources.
Digital identity inclusion underscores the government’s commitment to facing the challenges of cybersecurity and privacy. The order mandates a decisive digital identity validation service providing verification for U.S. citizens without requesting too much personal information. The use of proven digital identity tools are highlighted in the order such as cryptographic keys. In addition to the secure management of systems, the integrity of government communications with end-to-end encryption should be prioritised to protect against tampering
Overall, Biden’s proposals cover a broad array of modern technologies, advocating for open-source software, more research undertaken to harness AI for threat detection, and acceptance of mDLs and other digital ID documents.
