In early May 2021, President Biden signed the Executive Order on Improving the Nation’s Cybersecurity. This pivotal cybersecurity executive order was prompted by a series of major cyberattacks on critical U.S. entities, including the recent attack on Colonial Pipeline that severely disrupted East Coast infrastructure. The order follows on the heels of the SolarWinds hack, which impacted numerous U.S. government agencies. Cyberattacks targeting critical infrastructure, including federal systems, heighten the threat to national security, making the executive order essential for reinforcing the nation’s defense.
The Executive Order on Cybersecurity
The executive order on cybersecurity aims to strengthen the nation’s cybersecurity through coordinated initiatives involving both public and private sectors. This includes significant improvements to existing practices and the introduction of new measures to address today’s evolving threat landscape, particularly the Cyber-Physical Convergence of Information Technology (IT) and Operational Technology (OT).

Cyber-Physical Convergence
Addressing the cyber-physical IT/OT convergence is critical, not only because it introduces significant cybersecurity vulnerabilities, but also because much of our critical infrastructure operates within these integrated environments.
The Cybersecurity Executive Order emphasizes the importance of collaboration between the federal government and private-sector stakeholders. While certain provisions apply specifically to federal agencies, the deep interconnection between public and private systems means that all organizations can benefit from adopting the practices set out in the cybersecurity executive order. In fact, it’s likely only a matter of time before these practices become mandatory for all.
That’s why it’s essential to understand the executive order, and more importantly, how to comply with it. We’re here to help you do both.
Detection of Cybersecurity Vulnerabilities and Incidents
A major emphasis of the cybersecurity executive order is improving the detection of vulnerabilities and cybersecurity incidents within government networks. Specifically, the executive order mandates “increasing visibility into and detection of vulnerabilities and threats to agency networks.” While network security solutions contribute to this visibility, they often overlook the hardware, or Physical Layer, leaving enterprises exposed to hardware-based attacks and rogue devices.
Malicious hardware, such as spoofed peripherals and network implants, operates at the Physical Layer, bypassing traditional network security tools. These rogue devices can carry out sophisticated attacks that compromise the integrity of the entire network. This highlights the critical need for visibility and threat detection at Layer 1 as part of a comprehensive cybersecurity strategy.
Achieving full device visibility at the Physical Layer is essential for securing an organization’s infrastructure from the ground up, addressing a crucial blind spot in many existing security frameworks.
The Zero Trust Architecture Approach
Starting from the bottom, at the first layer of the OSI Model, positions organizations to better comply with other requirements outlined in the cybersecurity executive order. One key mandate is for federal agencies to adopt a Zero Trust Architecture (ZTA).

Zero Trust acknowledges the reality that threats can originate from inside an organization’s network. As a result, it enforces strict access controls, even for internal users. However, Zero Trust is not a single tool or product; it’s a data-driven security model that depends on various inputs to determine access decisions. When a device or asset requests access, the architecture must assess the request based on predefined security policies and information about the requesting asset.
Critically, the effectiveness of Zero Trust depends on the ability to accurately detect and identify all assets attempting to access the network. This level of assurance requires Physical Layer visibility. Without insight at Layer 1, rogue devices, such as network implants or spoofed peripherals, can evade detection and bypass policy enforcement entirely.
While this requirement specifically applies to federal agencies, any organization, especially those with government contracts, can benefit from adopting Zero Trust principles combined with Physical Layer visibility. Together, these measures significantly strengthen an organization’s cybersecurity posture.
Supporting Compliance with the Cybersecurity Executive Order
Sepio’s platform provides organizations with the Physical Layer coverage needed to achieve complete device visibility, an essential capability for complying with the cybersecurity executive order. In doing so, Sepio also delivers robust protection against hardware-based attacks. As the leader in rogue device mitigation, Sepio’s solution identifies, detects, and manages all peripherals; no device goes unmanaged.
Sepio leverages Physical Layer fingerprinting and Machine Learning to generate a unique digital fingerprint based on each device’s electrical characteristics. These fingerprints are compared against a known database, enabling Sepio to detect vulnerable devices and unmanaged network switches within the infrastructure.
Automated Policy Enforcement
In addition to the deep visibility layer, a comprehensive policy enforcement mechanism recommends best-practice policies. It allows the administrator to define a strict or more granular set of rules for the system to enforce. When a device breaches the pre-set policy, Sepio automatically initiates a mitigation process. This process instantly blocks unapproved or rogue hardware.
Supporting Section Eight Requirements: Data Logging and Incident Readiness
Sepio also enables compliance with section eight of the cybersecurity executive order, which mandates improved data collection and analysis to enhance incident investigation and response. The platform logs all hardware asset details and retains this data according to defined policies, ensuring full traceability and support for forensic investigations.
As cybersecurity threats continue to evolve, federal agencies, critical infrastructure providers, and private-sector organizations must strengthen their defenses. Technology innovation brings both opportunity and risk, making the convergence of physical and cybersecurity more critical than ever in protecting national interests.