Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Finance

Posted By Reuters

Posted on January 11, 2025

As China hacking threat builds, Biden to order tougher cybersecurity standards

By AJ Vicens

DETROIT (Reuters) - President Joe Biden is calling for tighter cybersecurity standards for federal agencies and contractors in a new executive order due to be published in the coming days, pushing reforms designed to address repeated Chinese-linked cyber operations and cybercriminal operations, according to a draft of the order seen by Reuters.

The order is set to land in the waning days of Biden’s presidency, during which several high-profile, Chinese-linked hacks occurred, according to the U.S. government and cybersecurity research groups. The alleged activity targeted critical infrastructure, government emails, major telecom firms and, most recently, the U.S. Treasury Department. Beijing has rejected the allegations.

Biden's proposal calls for tougher standards for secure software development, the ability to verify that those standards have been met, and a process for the Cybersecurity and Infrastructure Security Agency (CISA) to evaluate the process, according to the draft.

Vendors will have to provide secure software development documentation to be evaluated and validated by CISA through the agency's software attestation program. Attestations that "fail validation" could be referred to the attorney general for “action as appropriate,” according to the draft.

Tom Kellermann, senior vice president of cyber strategy at cybersecurity company Contrast Security, said the attestation provisions do not go far enough but that he “applauds” the efforts to push more secure software development. The timelines for implementation laid out by the order seem “arbitrary,” he said, given the immediacy of the threats from China, Russia and powerful cybercriminal syndicates.

“They’re already here,” Kellermann said. “We are dealing with literally an insurgency across critical infrastructure and U.S. government agencies that has been stoked by the Russians and Chinese.”

The order also mandates the development of guidelines to securely manage access tokens and cryptographic keys used by cloud providers. Chinese-linked hackers abused this method to access email accounts used by top U.S. government officials in May of 2023, Microsoft said at the time.

Brandon Wales, vice president of cybersecurity strategy at cybersecurity company SentinelOne and formerly a top CISA official, told Reuters the order builds on ongoing work over the last five years to develop capabilities, get the right authorities, and funding. While the threat from China looms large – a “pacing threat” that is “driving the urgency and focus across the government” – the U.S. government and the private sector face a plethora of threats that need to be addressed.

“It makes sense to continue to look for ways to get the most value out of capabilities that have been built over the past two administrations,” Wales said. 

The White House declined to comment and CISA did not respond to a request for comment.

(Reporting by AJ Vicens in Detroit; Editing by Matthew Lewis)

Recommended for you

  • US hits Russian oil with toughest sanctions yet in bid to give Ukraine, Trump leverage

  • Senior UK lawmaker flags concerns about Shein to LSE and regulator

  • KKR explores potential sale of UK's Viridor, Bloomberg News reports