What the EO Means for Data Cybersecurity and Information Details
Agencies must walk a delicate tightrope when
past, unencrypted data facilitated many
sensitive information like health care details
for cybercriminals. With the federal government
handling data. On the one hand, data contains that constituents expect agencies to keep
private. On the other hand, securing this data cannot be so complicated that it slows down government employees.
balancing both concerns hard for agencies.
Data attracts cybercriminals, as they can often
profit off personally identifiable information (PII) such as Social Security numbers quickly and
easily. Nation-states are even more concerning:
The data hostile governments steal can hurt U.S. national security.
these fears by mixing modern tools with fresh perspectives on handling data. Implemented correctly, Biden’s cybersecurity EO can assist agencies with guarding one of their most
Agencies should make accessing their data as hard as possible, and encryption helps them
do exactly that. Encryption translates data into another form that can be unlocked only with a decryption key such as a password. Because
encrypted data can be deciphered only with the right tools, only the correct people can typically
20
Much like encryption, multifactor authentication (MFA) can make a difference with data security. MFA grants users access to resources such as
data only after they have presented two or more pieces of evidence verifying their identities.
These identity factors include something only individual knows (their address) or something unique to the individual (their fingerprint).
The EO stipulates that all federal agencies must deploy MFA. From the top down, this
preventing unauthorized access to their data
1. How will agencies need to protect their data differently?
for their resting and in-transit data. In the
they have not already.
cybersecurity tool can assist agencies with
precious resources.
all federal agencies embrace encryption
agencies may also adopt encryption soon, if
the individual has (a key), something only the
The federal government hopes to soothe
Biden’s cybersecurity EO mandates that
leading by example, scores of state and local
2. How will government employees need to handle data differently?
The reality is that cybercriminals make
access this information.
cyberattacks, so this rule could erase this option
and other assets.
3. How will agencies need to rethink their data practices? Biden’s EO demands that federal civilian
executive branch (FCEB) agencies understand their high-value data assets. Rather than treat all their data the same, the EO tasks
these agencies with evaluating which types of unclassified data they have and how sensitive each type is.
These evaluations will help FCEB agencies
identify which unclassified data types are the most sensitive, and which varieties are under A GovLoop Guide
