45 min listen
2021-018-LawyerLiz, Pres. Biden's EO, and the clueless professor
Length:
64 minutes
Released:
May 22, 2021
Format:
Podcast episode
Description
Elizabeth Wharton: @lawyerliz on Twitter

Executive Order: (https://www.americanbar.org/groups/public_education/publications/teaching-legal-docs/what-is-an-executive-order-/)

“An executive order is a signed, written, and published directive from the President of the United States that manages operations of the federal government. They are numbered consecutively, so executive orders may be referenced by their assigned number, or their topic. Other presidential documents are sometimes similar to executive orders in their format, formality, and issue, but have different purposes. Proclamations, which are also signed and numbered consecutively, communicate information on holidays, commemorations, federal observances, and trade. Administrative orders—e.g. memos, notices, letters, messages—are not numbered, but are still signed, and are used to manage administrative matters of the federal government. All three types of presidential documents—executive orders, proclamations, and certain administrative orders—are published in the Federal Register, the daily journal of the federal government that is published to inform the public about federal regulations and actions. They are also catalogued by the National Archives as official documents produced by the federal government. Both executive orders and proclamations have the force of law, much like regulations issued by federal agencies, so they are codified under Title 3 of the Code of Federal Regulations, which is the formal collection of all of the rules and regulations issued by the executive branch and other federal agencies. Executive orders are not legislation; they require no approval from Congress, and Congress cannot simply overturn them. Congress may pass legislation that might make it difficult, or even impossible, to carry out the order, such as removing funding. Only a sitting U.S. President may overturn an existing executive order by issuing another executive order to that effect.”

https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/

Another Review: https://www.atlanticcouncil.org/blogs/new-atlanticist/markup-our-experts-annotate-bidens-new-executive-order-on-cybersecurity/

https://www.insurancejournal.com/news/national/2021/05/21/615373.htm

Within 60 days of the date of this order, the head of each agency shall:
(i) update existing agency plans to prioritize resources for the adoption and use of cloud technology as outlined in relevant OMB guidance;
(ii) develop a plan to implement Zero Trust Architecture, which shall incorporate, as appropriate, the migration steps that the National Institute of Standards and Technology (NIST) within the Department of Commerce has outlined in standards and guidance, describe any such steps that have already been completed, identify activities that will have the most immediate security impact, and include a schedule to implement them; and

Within 180 days of the date of this order, agencies shall adopt multi-factor authentication and encryption for data at rest and in transit, to the maximum extent consistent with Federal records laws and other applicable laws.

Within 90 days of the date of this order, the Secretary of Homeland Security acting through the Director of CISA, in consultation with the Attorney General, the Director of the FBI, and the Administrator of General Services acting through the Director of FedRAMP, shall establish a framework to collaborate on cybersecurity and incident response activities related to FCEB cloud technology, in order to ensure effective information sharing among agencies and between agencies and CSPs.

SBOM! Dr. Allan Friedman on BrakeSec
https://brakeingsecurity.com/2020-031-allan-friedman-sbom-software-transparency-and-knowing-how-the-sausage-is-made
http://brakeingsecurity.com/2020-032-dr-allan-friedman-sbom-software-transparency-and-how-the-sausage-is-made-part-2

providing a purchaser a Software Bil
Titles in the series (100)
2020-018- Masha Sedova, bespoke security training, useful metrics to tailor training: Masha Sedova - Founder, Elevate Security Inability to measure human security behaviors leads to increased risk in our computing environments. For too long, we’ve accepted training completion and mock phishing data as a sufficient way to measure this... by BrakeSec Education Podcast