WASHINGTON (Reuters) – President Joe Biden’s administration is releasing a fresh set of requirements for America’s most secure networks, mandating the use of government-approved encryption and ordering officials to report breaches to the National Security Agency (NSA.)
The requirements, laid out in a national security memorandum released Wednesday, require agencies such as the Pentagon, the Central Intelligence Agency, and the Department of Energy to implement baseline security measures for “national security systems” – networks where the most sensitive U.S. data is held.
Among the requirements: multi-factor authentication, or the use of multiple layers of passwords delivered via different services; NSA-approved encryption; and zero-trust architecture, an industry term for the continuous validation of users’ or devices‘ identities.
The memo builds on previous requirements from the Biden administration for federal civilian networks. The White House has made cybersecurity a priority after a series of digital debacles including a cybercriminal shakedown effort that briefly paralyzed gasoline deliveries to the East Coast last year and the discovery that allegedly Russian hackers had infiltrated several government agencies by piggybacking on network-monitoring software made by the company SolarWinds.
(Reporting by Raphael Satter; Editing by Alexandra Hudson)