b'OOn May 12th, 2021, President Biden signed an Executive Ordermandating agencies improve their cybersecurity efforts. How is thisexecutive order impacting your agencys information technology andcybersecurity planning?Steven Hernandez: Its one of the critical events in the history of cybersecurity. Theexecutive order challenges us to ask What are the moonshots that we need to take today thats really going to help us stay ahead in the next decade or two decades?Weve done things like the Defense in Depth (DiD) model for years upon years, its classic, its probablyalmost 100 years old on technology side, obviously moat and castle has been around for a long time, but just like in modern combat or modern warfare, nobody builds castles and moats anymore. We really have to start thinking about next generation technologyZero trust architecture is also at the heart of what the executive order is asking us to. Something I appreciate about the executive order is that its more encompassing, and it recognizes that security does not exist in a vacuum If youre not in the cloud already, you better begetting there because a lot of the newer security capabilities youre going to need, frankly, only exist - in part with more completely in - our cloud environments. I think the last piece of the executive order calls us to take a good hard look at is our workforce building a qualified and skilled workforce that not only understands cybersecurity but also understands how the government works. Davon Tyler: [The executive order] created a roadmap and guidelines for [the US Mint] to enhance our ability to protect our assets from stopping threats The other piece is that [the executive order] helps to fill in the gaps. Things that you thought you might have done like housekeeping, but you look at the order and go, Oh, hey, what about this area? Let me fine tune over there. So, its having a great impact on the way that we protect our cyber assets at the US Mint. Brian Gattoni: CISA has a unique role in terms of its role in the [executive order]. Reflecting on the urgent need to improve our nations cybersecurity, the executive orders set clear near term deadlines. More than 40 of them are specific actions Overall the order is tasked CISA along with more than 15 agencies, including our partners at the Office Management Budget, the Attorney General, the Department of Defense, and NIST with specific responsibilities to develop, implement, and enforce the new measures to further defend against the threats of today and secure against the risks of tomorrow. We are urgently hitting the ground running to execute on all of these actions. Lets talk about some of the near term priorities first. Those involve our work and the supply chain and software assurance efforts. Working with our inner agency partners to establish baseline security standards . requiring developers to maintain greater visibility into their software and making security data publicly availableWere also providing support to the Federal Acquisition Regulatory Council in developing regulations for the procurement of software for the federal government Another critical action set out by the executive order to improve how the government responds to cyber incidents is theGovernment Business Council Securing the Nations Network|Page 5'