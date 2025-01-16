The Biden administration unveiled on Thursday an executive order on cybersecurity that requires software vendors to disclose more information and sets new guidelines for businesses that sell to the US government.

Cybersecurity Executive Order Issued by the Biden Administration

The White House is looking to put in place new rules “to strengthen America’s digital foundations,” Anne Neuberger, deputy national security advisor for cybersecurity and emerging technology, said in a briefing with reporters on Wednesday.

Cyberattacks have caused an increasing number of disruptions inside federal agencies and companies in recent years.

Attackers have pulled off ransomware attacks at Change Healthcare, the operator of the Colonial Pipeline and the Ascension healthcare system. And Microsoft said in 2023 that Chinese attackers had broken into U.S. government officials’ email accounts, prompting a critical federal report and a series of changes at the software maker.

Companies selling software to the U.S. government will have to demonstrate that their development practices are secure, according to a statement. There will be “evidence that we post on a government website for all software users to benefit from,” Neuberger said.

The General Services Administration will have to set policy that makes cloud providers publish information to clients on how to operate securely.

Companies selling products and services to the U.S. government must adhere to a new set of security practices as a result of the executive order.

Cyber Trust Mark label

Last week, the White House announced the U.S. Cyber Trust Mark label to help consumers evaluate internet-connected devices. The executive order states that the U.S. government will only purchase such products if they carry the label, starting in 2027.

The order also directs the National Institute of Standards and Technology to come up with guidance for handling software updates. In late 2020, hackers gained access to Microsoft and U.S. Defense Department systems by targeting updates to SolarWinds’ Orion software.

It’s not clear if President-elect Donald Trump’s new administration will uphold the executive order. Biden’s cybersecurity officials have not met with those who will take up the work for Trump.

“We haven’t discussed, but we are very happy to, as soon as the incoming cyber team is named, of course, have any discussions during this final transition period,” Neuberger said.

US lawmakers supports TikTok’s fight against going dark

TikTok’s fortunes took a positive turn on Thursday as a growing number of U.S. officials said its Chinese owner should have more time to sell the app and stop it from being banned ahead of President-elect Donald Trump’s return to the White House.

Trump’s incoming national security adviser said the new Republican administration will keep the social media app used by 170 million Americans alive in the U.S. if there is a viable deal and top Senate Democrat Chuck Schumer urged President Joe Biden to extend by 90 days a deadline to shut it down on Sunday.

A law passed in April mandates TikTok’s owner, ByteDance, divest TikTok’s U.S. assets by Sunday to a non-Chinese buyer, or be banned on national security concerns.

“We will put measures in place to keep TikTok from going dark,” U.S. Representative Mike Waltz told Fox News, pointing to a provision in the law allowing for a 90-day extension if there is “significant progress” toward a divestiture.

“Essentially that buys President Trump time to keep TikTok going,” said Waltz, who was picked by Trump to be his national security adviser.