President Joe Biden issued an executive order Thursday (Jan. 16) requiring the federal government to improve the nation’s cybersecurity.
One of the steps outlined in the executive order includes accelerating the development and deployment of artificial intelligence (AI) that can improve cybersecurity.
“Artificial intelligence (AI) has the potential to transform cyber defense by rapidly identifying new vulnerabilities, increasing the scale of threat detection techniques and automating cyber defense,” the order said. “The Federal Government must accelerate the development and deployment of AI, explore ways to improve the cybersecurity of critical infrastructure using AI, and accelerate research at the intersection of AI and cybersecurity.”
The executive order also requires the federal government to adopt secure software acquisition practices and ensure software providers use secure software development practices; adopt proven security practices in terms of things like identity and access management; and implement strong identity authentication and encryption to improve the security of communications.
In addition, it requires the federal government to encourage the acceptance of digital identity documents to access public benefits programs; modernize IT infrastructure and networks; and update the criteria used to designate people for sanctions when they engage in malicious cyber activity.
“Adversarial countries and criminals continue to conduct cyber campaigns targeting the United States and Americans, with the People’s Republic of China presenting the most active and persistent cyber threat to the United States Government, private sector and critical infrastructure networks,” the executive order said. “These campaigns disrupt the delivery of critical services across the Nation, cost billions of dollars, and undermine Americans’ security and privacy.”
It was reported Friday (Jan. 10) that the Chinese hacking group Silk Typhoon is believed to have been behind the December hack of the U.S. Treasury Department. It is believed that the group stole a digital key from a third-party service provider and used it to access unclassified information stored on laptops and desktop computers.
On Jan. 3, the United States imposed sanctions on Beijing-based cybersecurity company Integrity Technology Group, which is a People’s Republic of China government contractor, saying the company was involved in malicious botnet operations targeting critical infrastructure in the U.S. and overseas.