A New Era of Cybersecurity Initiatives
The United States government has made a significant advancement in cybersecurity with the release of an Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity and New Era of Cybersecurity Initiatives. This executive order emphasizes enhancing the security of federal systems and introduces new cybersecurity procurement requirements for federal contractors. By leveraging its purchasing power, the government aims to drive market demand for robust cybersecurity solutions. This initiative represents the ongoing, bipartisan focus on cybersecurity that has been growing since 2016, with over ten related executive orders. Building on previous directives, the latest order takes crucial steps toward securing national infrastructure.
Routing Security and Encryption
One of the most important aspects of the new executive order is its emphasis on routing security. The order directs US government agencies to collaborate with the American Registry for Internet Numbers (ARIN) and implement Route Origin Authorizations (ROAs) using Resource Public Key Infrastructure (RPKI). These measures will cryptographically validate routing announcements, preventing incidents caused by incorrect routing. This is a notable improvement, as only 1% of routes from US government-run networks were previously verified with RPKI. Furthermore, the order mandates that federal contractors implement Route Origin Validation (ROV), which filters out invalid routing announcements, promoting safer network operations.
Another critical focus is end-to-end encryption. The order calls for strong encryption protocols in government communications, including email, voice, and video conferencing systems. The use of transport and end-to-end encryption as default settings will significantly enhance the privacy and security of federal communications. This move is crucial for safeguarding against interception by potential adversaries and sets a standard for encryption best practices.
DNS and TLS Security
The executive order also introduces stringent security measures for the Domain Name System (DNS). Encrypted DNS protocols will become a requirement not only for federal agencies but also for vendors providing DNS resolver services. The DNS is essential for ensuring seamless internet navigation, and encrypted DNS will bolster both the security and privacy of government operations online. By making this a procurement requirement, the government will encourage the private sector to adopt secure DNS protocols as well, benefiting broader internet security.
Additionally, the order mandates that US government agencies adopt Transport Layer Security (TLS) protocol version 1.3 or a successor by 2030. TLS is a crucial internet standard that protects against eavesdropping, tampering, and message forgery. The decision to implement TLS 1.3 ensures better security and performance across government networks and encourages wider adoption in the public and private sectors.
Setting a Precedent for Cybersecurity Best Practices
The latest executive order is a landmark achievement in the US government’s cybersecurity efforts. It sets a strong example for other sectors and governments by embracing best practices in routing security, encryption, DNS, and transport layer security. As the government works to implement these New Era of Cybersecurity Initiatives, it is expected to foster positive change in the broader cybersecurity landscape.
