Cybersecurity monitor

Biden Gives NSA Powers to Police Federal Agencies’ Cyber Readiness

President Joe Biden signed a national security memorandum granting the National Security Agency the power to order concerned agencies to implement updates and other remedial measures to national security systems through binding operational directives patterned after those currently being employed by the Cybersecurity and Infrastructure Security Agency, Nextgov reported Wednesday.

Through the memo, Biden called for new guidance on minimum security standards for national security systems in the cloud to be developed and published within 90 days of its issuance. Additionally, the memo directed the Department of Homeland Security, the parent agency of CISA, to coordinate with NSA on cloud cybersecurity incidents that have impacts across national security systems and federal civilian executive branch systems.

Biden refers to the NSA in his memo as the “national manager,” a reference to the spy agency’s authority over national security systems established in a 1990 national security directive. It is designated as the lead agency, given the responsibility of coordinating a cybersecurity and incident response framework for secret and top-secret cloud systems to facilitate information sharing among government agencies and commercial cloud vendors.

The president ordered that within 60 days, the DHS and NSA must come up with procedures that cover information sharing and protections for classified information and intelligence sources. Also within that two-month period, agencies that operate national security systems must update plans to “prioritize resources” for using cloud computing and to implement zero trust architectures.

Within 180 days, federal agencies should have been able to put in place multifactor authentication and encryption for data stored in and moving across national security systems, Nextgov further reported.